const express = require('express')
const mysql = require("mysql")
const dotenv = require('dotenv')
const app = express()
const path = require("path")
const publicDir = path.join(__dirname, './public')
const bcrypt = require("bcryptjs")
var bodyParser = require('body-parser')
var cookieParser = require("cookie-parser")


/* Connexion à la BDD MySQL */
dotenv.config({ path: './.env'})
const db = mysql.createConnection({
    host: process.env.DATABASE_HOST,
    port: process.env.DATABASE_PORT,
    user: process.env.DATABASE_USER,
    password: process.env.DATABASE_PASSWORD,
    database: process.env.DATABASE
})
db.connect((error) => {
    if(error) {
        console.log(error)
    } else {
        console.log("MySQL connected!")
    }
})

app.set('view engine', 'hbs');
app.use(express.static(publicDir));
/* Pour utiliser le bootstrap local */
app.use('/css', express.static(__dirname + '/node_modules/bootstrap/dist/css'));
app.use(cookieParser());

/* configure the Express.js server to receive the form values as JSON */
app.use(bodyParser.urlencoded({extended: false}));
app.use(express.json())


app.get("/", (req, res) => { res.render("login-session") });
app.get("/login", (req, res) => { res.render("login") });
app.get("/register", (req, res) => { res.render("register") });
app.get("/index", (req, res) => { res.render("index") });


app.post("/auth/register", (req, res) => {    
    const { gender, name, firstname, dob, title, email, password, password_confirm, session, role } = req.body

    // db.query() code goes here
    db.query('SELECT email FROM user WHERE email = ?', [email], async (error, result) => {
        if(error){
            console.log(error)
        }
        if( result.length > 0 ) {
            return res.render('register', {
                error: 'Adresse email déjà utilisée : choisissez-en une autre ou bien cliquez sur le lien ci-dessus pour vous connecter'
            })
        } else if(password !== password_confirm) {
            return res.render('register', { 
                error: 'Vos mots de passe ne correspondent pas'
            })
        }

        let hashedPassword = await bcrypt.hash(password, 8)            
        db.query('INSERT INTO user SET?', {gender : (gender != undefined ? gender : ""), firstname: firstname, name: name, date_of_birth: dob, title: title, email: email, password: hashedPassword}, (err, result) => {
            if(error) {
                console.log(error)
            } else {
                return res.render('login-session')
            }
        })  
    })
})

app.post("/auth/check-login", (req, res) => {    
    const { email, password, role, session } = req.body

    db.query('SELECT * FROM user WHERE email = ?', [email], async (error, result) => {
        if(error){
            console.log(error)
        }

        if( result.length == 0 ) {
            return res.render('login', {
                error: 'Utilisateur inconnu : veuillez créer votre compte via le lien ci-dessus'
            })
        }

        var userId = result[0].ID
        bcrypt.compare(password, result[0].password, function(err, result) {
            if(result) {

                // Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants
                db.query('SELECT * FROM participation WHERE ID_user = ?', [userId], async (error, result) => {
                    if(error) {
                        console.log(error)
                    }

                    if (result.length == 0) {
                        db.query('INSERT INTO participation (ID_user, ID_session, role_during_session) VALUES (?, ?, ?)', [userId, session, role], function (err, result) {
                            if (err) throw err;
                            console.log("1 record inserted");
                          });

                        db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
                            if (err) throw err;
                            console.log("1 record updated");
                          });
                    }
                })

                //res.cookie("authorization", userId, { maxAge: 900000, httpOnly: true });

                return res.render('index')
            }
            else {
                return res.render('login', {
                    error: 'Mot de passe incorrect : corriger votre saisie'
                })
            }
        })
    })
})

app.post("/auth/check-session", (req, res) => { 
    
    const { session, session_password, role } = req.body

    db.query('SELECT password FROM session WHERE ID = ?', [session], async (error, result) => {
        if(error){
            console.log(error)
        }

        if( result.length == 0 ) {
            return res.render('login-session', {
                error: 'Session inconnue : veuillez saisir un identifiant de session valide'
            })
        }
        else {
            if (result[0].password === session_password) {

                //res.send(req.cookies);

                return res.render('login', {"session": session, "role": role})
            }
            else {
                return res.render('login-session', {
                    error: 'Mot de passe incorrect : corriger votre saisie'
                })
            }
        }
    })
})


app.listen(5005, ()=> {
    console.log("server started on port 5005")
})