const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');
const User = require('../models/User');
const config = require('../config/env');
const logger = require('../utils/logger');

// POST /api/handler/login  — email + password
const handlerLogin = async (req, res) => {
  try {
    const { email, password } = req.body;

    if (!email || !password) {
      return res.status(400).json({ success: false, message: 'E-Mail und Passwort erforderlich' });
    }

    const user = await User.findOne({ email: email.trim().toLowerCase(), deleted: false });
    if (!user || !user.passwordHash) {
      return res.status(401).json({ success: false, message: 'Ungültige Anmeldedaten oder kein Passwort hinterlegt' });
    }

    const valid = await bcrypt.compare(password, user.passwordHash);
    if (!valid) {
      return res.status(401).json({ success: false, message: 'Ungültige Anmeldedaten' });
    }

    const token = jwt.sign(
      { id: user._id.toString(), role: 'handler' },
      config.jwtSecret,
      { expiresIn: '12h' }
    );

    res.json({
      success: true,
      token,
      user: {
        id: user._id,
        name: user.name,
        email: user.email,
        available: user.available,
        type: user.type,
        phone: user.phone,
        landline: user.landline,
        address: user.address
      }
    });
  } catch (error) {
    logger.error('Handler-Login Fehler:', error);
    res.status(500).json({ success: false, message: 'Serverfehler beim Login' });
  }
};

// POST /api/handler/set-password  — set first password (handler provides token + new password)
// Admin first sets email, then the handler can set their own password
const setHandlerPassword = async (req, res) => {
  try {
    const { email, newPassword } = req.body;

    if (!email || !newPassword || newPassword.length < 6) {
      return res.status(400).json({ success: false, message: 'E-Mail und Passwort (min. 6 Zeichen) erforderlich' });
    }

    const user = await User.findOne({ email: email.trim().toLowerCase(), deleted: false });
    if (!user) {
      return res.status(404).json({ success: false, message: 'Kein Stöberhundeführer mit dieser E-Mail gefunden' });
    }

    user.passwordHash = await bcrypt.hash(newPassword, 12);
    await user.save();

    res.json({ success: true, message: 'Passwort erfolgreich gesetzt' });
  } catch (error) {
    logger.error('Passwort setzen Fehler:', error);
    res.status(500).json({ success: false, message: 'Serverfehler' });
  }
};

// PUT /api/handler/me  — handler updates own availability + contact data
const updateHandlerSelf = async (req, res) => {
  try {
    const userId = req.handlerUser.id;
    const { available, phone, landline, address } = req.body;

    const update = {};
    if (typeof available === 'boolean') update.available = available;
    if (phone && phone.trim()) update.phone = phone.trim();
    if (landline !== undefined) update.landline = landline ? landline.trim() : null;
    if (address && address.trim()) update.address = address.trim();

    const user = await User.findByIdAndUpdate(
      userId,
      update,
      { new: true, select: '-passwordHash' }
    );

    if (!user) {
      return res.status(404).json({ success: false, message: 'Stöberhundeführer nicht gefunden' });
    }

    res.json({ success: true, data: user });
  } catch (error) {
    logger.error('Handler-Update Fehler:', error);
    res.status(500).json({ success: false, message: 'Fehler beim Aktualisieren' });
  }
};

// GET /api/handler/me — get own profile
const getHandlerSelf = async (req, res) => {
  try {
    const user = await User.findById(req.handlerUser.id).select('-passwordHash');
    if (!user) return res.status(404).json({ success: false, message: 'Nicht gefunden' });
    res.json({ success: true, data: user });
  } catch (error) {
    res.status(500).json({ success: false, message: 'Serverfehler' });
  }
};

module.exports = { handlerLogin, setHandlerPassword, updateHandlerSelf, getHandlerSelf };