const pool = global
const express = require('express');
const app = new express.Router();

app.get('/user', (req, res) => {
	if (!req.session.userAuthenticated) {
		res.redirect('/user/login');
		return;
	}
	res.render('user/index', { user: req.session.user });
});

app.get('/user/login', (req, res) => {
	res.render('user/login');
});

app.post('/user/login', (req, res) => {
	const apiKey = req.body.apiKey;
	pool.getConnection().then(conn => {
		conn.query("SELECT * FROM routes WHERE apiKey = ?", [apiKey]).then((rows) => {
			const row = rows[0];
			if (!row) {
				res.status(401).send('Unauthorized');
				return;
			}
			req.session.userAuthenticated = true;
			req.session.userData = row;
			res.redirect('/user');
		}).catch(err => {
			console.error('Error getting route:', err);
			res.status(500).send('Internal server error');
		}).finally(() => {
			conn.release();
		});
	});
});

app.get('/user/logout', (req, res) => {
	req.session.destroy();
	res.redirect('/user/login');
});

app.get("/user/edit", (req, res) => {
	if (!req.session.userAuthenticated) {
		res.redirect('/user/login');
		return;
	}
	// Remove block_start, block_length, and apiKey from the response
	responseData = {
		server: req.session.userData.server,
		port: req.session.userData.port,
		auth: req.session.userData.auth,
		secret: req.session.userData.secret
	}
	res.render('user/edit', { data: responseData });
});

module.exports = app;