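// Main App
//
// Entry point: loads the environment, builds the Express app (CSP header,
// Handlebars views, signed cookies, Sequelize-backed sessions, static assets,
// routes), then syncs the database and starts listening.
const express = require('express');
const app = express();
const exphbs = require('express-handlebars');
const { SetupEnvironment } = require('./environ');
const SetupRouter = require('./router');

// Database
const database = require('./database');

// Session
const session = require('express-session');
const SequelizeStore = require('connect-session-sequelize')(session.Store);
const cookieParser = require('cookie-parser');

// Error Handling
const { GenericErrorByCode, FormatForAPI } = require('./errors');

// Helpers
const { HBSHelpers } = require('./helpers');

// Security
const helmet = require('helmet');

// First things first, setup the environment
SetupEnvironment();

// Get what we need for starting the server
const serverPort = process.env.SRV_PORT;

// Database Setup
const { db } = database;
const sessionStore = new SequelizeStore({
  db,
  table: 'Session',
});

// Helmet setup
// NOTE(review): only the Content-Security-Policy middleware is mounted here;
// the other response headers that the top-level helmet() middleware sets are
// not applied by this file.
// NOTE(review): the '*' entries below allow images, media and fetch/XHR
// connections to any origin. connectSrc '*' in particular means the policy
// does not limit where page scripts can send data; narrow it to the hosts the
// app really talks to if that list is known.
app.use(
  helmet.contentSecurityPolicy({
    directives: {
      defaultSrc: ["'self'"],
      scriptSrc: ["'self'"],
      objectSrc: ["'none'"],
      styleSrc: ["'self'", "'unsafe-inline'"],
      imgSrc: ["'self'", 'data:', '*'],
      mediaSrc: ["'self'", 'data:', '*'],
      connectSrc: ["'self'", 'data:', '*'],
    },
  }),
);

// Handlebars Setup
// NOTE(review): allowProtoPropertiesByDefault / allowProtoMethodsByDefault
// switch off Handlebars' prototype-access restriction for every template.
// Presumably enabled so model instances render directly; passing plain
// objects to res.render() would let both flags be dropped. Confirm before
// changing.
const hbs = exphbs.create({
  helpers: HBSHelpers,
  defaultLayout: 'main',
  extname: '.handlebars',
  runtimeOptions: {
    allowProtoPropertiesByDefault: true,
    allowProtoMethodsByDefault: true,
  },
});
app.engine('handlebars', hbs.engine);
app.set('view engine', 'handlebars');

// Cookie parsing (CKYKEY is the signing secret for signed cookies)
app.use(cookieParser(process.env.CKYKEY));

// Session
// NOTE(review): the cookie is marked Secure only when NODE_ENV is exactly
// 'prod'; a deployment that sets 'production' would send it without the
// Secure flag. Confirm the value used in deployment. If the app runs behind
// a TLS-terminating proxy, 'trust proxy' may also be needed for the Secure
// cookie to be issued; verify.
app.use(
  session({
    name: 'session',
    secret: process.env.SESSKEY,
    resave: false,
    saveUninitialized: false,
    store: sessionStore,
    cookie: {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'prod',
      sameSite: 'strict',
    },
  }),
);

// Setup Assets
app.use(express.static('assets'));

// Setup Router
SetupRouter(app);

db.sync()
  .then(() => {
    // Anything that reached this point matched no route.
    app.use((req, res, next) => {
      next(GenericErrorByCode(404));
    });

    // Final error handler. Express recognises it by its four parameters.
    app.use((err, req, res, next) => {
      // A response is already in flight: hand over to Express' default
      // handler, which closes the connection.
      if (res.headersSent) {
        next(err);
        return;
      }

      const status = err.status || 500;

      // Errors without an explicit status are unexpected failures. Their
      // message may contain internal detail (queries, paths), so it is logged
      // server-side and replaced by a generic message in the response.
      // Assumes errors that carry `status` were built deliberately for the
      // client; verify against ./errors.
      let message = 'Internal Server Error';
      if (err.status) {
        message = err.message || message;
      } else {
        console.error(err);
      }

      res.status(status);
      res.json(FormatForAPI(message));
    });

    app.listen(serverPort, () => {
      console.log(`NDM running @ localhost:${serverPort}`);
    });
  })
  .catch((err) => {
    // Without this handler a failed sync was an unhandled rejection with no
    // application-level log line.
    console.error('Database sync failed; server not started:', err);
    process.exit(1);
  });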