const { pool, db } = require("../config/database")
const { genSaltSync, hashSync, compareSync } = require("bcrypt")
const { sign } = require("jsonwebtoken")
const bcrypt = require("bcrypt")
const otpGenerator = require("otp-generator")
const nodemailer = require("nodemailer")

const transporter = nodemailer.createTransport({
  service: "gmail", // e.g., 'Gmail'
  host: process.env.NODEMAILER_HOST,
  port: process.env.NODEMAILER_PORT,
  secure: false,
  auth: {
    user: process.env.NODEMAILER_USER,
    pass: process.env.NODEMAILER_PASSWORD,
  },
})

async function executeQuery(sql, values) {
  const connection = await pool.getConnection()
  try {
    const [rows] = await connection.execute(sql, values)
    return rows
  } finally {
    connection.release()
  }
}

// path = /addOneAppUser
// const registerOld = async (req, res) => {
//   const { email } = req.body

//   try {
//     const rows = await pool.execute("SELECT * FROM sec_users WHERE email = ?", [
//       email,
//     ])
//     if (rows.length > 0) {
//       return res.status(400).json({ message: "Email already exists" })
//     }
//     // Generate and save OTP
//     const otp = Math.floor(1000 + Math.random() * 9000).toString()
//     const result = await pool.execute(
//       "INSERT INTO sec_users (email, password1) VALUES (?, ?)",
//       [email, otp]
//     )
//     if (result) {
//       // Send OTP via email
//       const mailOptions = {
//         from: "example.com",
//         to: email,
//         subject: "OTP for registration",
//         text: `Your OTP is: ${otp}`,
//       }
//       transporter.sendMail(mailOptions, (error) => {
//         if (error) {
//           console.log(error)
//           return res.status(500).json({ message: "Error sending OTP" })
//         }

//         return res.status(200).json({ message: "OTP sent successfully" })
//       })
//     } else {
//       return res.status(500).json({ message: "Failed to create user" })
//     }
//   } catch (error) {
//     console.error(error)
//     res.status(400).json({ message: "Some error occured" })
//   }
// }

var count = 0

const register = async (req, res) => {
  const body = req.body
  // console.log(email)
  try {
    let sql = `SELECT * FROM sec_users WHERE email = ?`
    const rows = await executeQuery(sql, [body.email])
    if (rows.length > 0) {
      return res.status(400).json({ message: "Email already exists" })
    }
    count++
    // Generate and save OTP
    const otp = Math.floor(1000 + Math.random() * 9000).toString()
    let user_id = 10007589 + count
    const password = bcrypt.hashSync(body.user_passw, 10)
    let sql2 = `INSERT INTO sec_users (email, random_no, user_id, user_name, full_name, user_passw, change_passw, first_name, country, is_blocked, is_complete, active) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
    const result = await executeQuery(sql2, [
      body.email,
      otp,
      user_id,
      body.user_name,
      body.full_name,
      password,
      body.change_passw,
      body.first_name,
      body.country,
      false,
      true,
      true,
    ])
    if (result) {
      // Send OTP via email
      const mailOptions = {
        from: "example.com",
        to: body.email,
        subject: "OTP for registration",
        text: `Your OTP is: ${otp}`,
      }
      transporter.sendMail(mailOptions, (error) => {
        if (error) {
          console.log(error)
          return res.status(500).json({ message: "Error sending OTP" })
        }
        return res.status(200).json({ message: "OTP sent successfully" })
      })
    } else {
      return res.status(500).json({ message: "Failed to create user" })
    }
  } catch (error) {
    console.error(error)
    res.status(400).json({ message: "Some error occured" })
  }
}

const verifyOTP = async (req, res) => {
  const { email, otp } = req.body

  try {
    let sql = `SELECT * FROM sec_users WHERE email = ?`
    const rows = await executeQuery(sql, [email])

    if (rows.length === 0) {
      return res.status(400).json({ message: "User not found" })
    }

    const user = rows[0]

    if (user.random_no === otp) {
      // OTP is valid, you can update the user's status to verified or perform any necessary actions.
      // For example: Update the 'is_complete' field to true.
      let updateSql = `UPDATE sec_users SET status = ? WHERE email = ?`
      await executeQuery(updateSql, [true, email])

      return res.status(200).json({ message: "OTP verified successfully" })
    } else {
      return res.status(400).json({ message: "Invalid OTP" })
    }
  } catch (error) {
    console.error(error)
    res.status(500).json({ message: "Error verifying OTP" })
  }
}

const deleteUser = async (req, res) => {
  const email = req.body.email

  const sql = `SELECT * FROM sec_users WHERE email = ?`
  const rows = await executeQuery(sql, [email])

  if (rows.length === 0) {
    return res.status(400).json({ message: "User not found" })
  } else {
    const sql2 = `DELETE FROM sec_users WHERE email = ?`
    const result = await executeQuery(sql2, [email])
    res
      .status(200)
      .json({ message: `User with ${email} deleted successfully...!!! ` })
  }
}

module.exports = {
  register,
  verifyOTP,
  deleteUser,
}