import { Router, Request, Response } from 'express';
import { userOps } from '../database.js';

const router = Router();

// Check auth status
router.get('/status', (req: Request, res: Response) => {
  if (req.session.user) {
    res.json({ authenticated: true, user: req.session.user });
  } else {
    res.json({ authenticated: false });
  }
});

// Login
router.post('/login', (req: Request, res: Response) => {
  const { username, password } = req.body;
  
  if (!username || !password) {
    res.status(400).json({ error: 'Gebruikersnaam en wachtwoord zijn verplicht' });
    return;
  }
  
  const user = userOps.findByUsername(username);
  
  if (!user || !userOps.verifyPassword(user, password)) {
    res.status(401).json({ error: 'Ongeldige gebruikersnaam of wachtwoord' });
    return;
  }
  
  req.session.user = {
    id: user.id,
    username: user.username,
  };
  
  res.json({ success: true, user: req.session.user });
});

// Logout
router.post('/logout', (req: Request, res: Response) => {
  req.session.destroy((err) => {
    if (err) {
      console.error('Session destroy error:', err);
    }
    res.json({ success: true });
  });
});

export default router;