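const crypto = require('crypto');

const express = require('express');
const jwt = require('jsonwebtoken');
const { v4: uuidv4 } = require('uuid');

const { readTable, writeTable } = require('../utils/db');
const authMiddleware = require('../middleware/auth');

const router = express.Router();

// NOTE(review): passwords are stored and compared as plaintext in the `users`
// table. Moving to a salted KDF (e.g. crypto.scrypt) means migrating existing
// records and every other reader of `password`, so it is flagged here rather
// than changed in this file.
// NOTE(review): no throttling or lockout is visible in this file; confirm that
// /login and /register are rate-limited elsewhere.

/**
 * True only for non-empty strings. JSON bodies can carry numbers, arrays or
 * objects in any field, and a bare truthiness check lets those through.
 *
 * @param {unknown} value
 * @returns {boolean}
 */
function isNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0;
}

/**
 * Compare a stored password with a supplied one without leaking, through
 * response timing, how many leading characters matched.
 *
 * @param {unknown} stored - value read from the users table
 * @param {unknown} supplied - value taken from the request body
 * @returns {boolean} true when both are strings with identical content
 */
function passwordsMatch(stored, supplied) {
  if (typeof stored !== 'string' || typeof supplied !== 'string') {
    return false;
  }
  // Hash both sides first: timingSafeEqual needs equal-length buffers, and
  // fixed-size digests also hide the length of the stored value.
  const storedDigest = crypto.createHash('sha256').update(stored, 'utf8').digest();
  const suppliedDigest = crypto.createHash('sha256').update(supplied, 'utf8').digest();
  // The trailing === runs only after the digests already agree; it rules out
  // strings that differ only in unpaired surrogates, which UTF-8 encoding
  // would otherwise map to the same bytes.
  return crypto.timingSafeEqual(storedDigest, suppliedDigest) && stored === supplied;
}

/**
 * Profile fields returned to the client and embedded in the token.
 *
 * @param {object} user - a record from the users table
 * @returns {{name: *, sex: *, isDriver: *, deptId: *, deptName: *, roleList: *}}
 */
function toProfile(user) {
  const { name, sex, isDriver, deptId, deptName, roleList } = user;
  return { name, sex, isDriver, deptId, deptName, roleList };
}

/**
 * Sign a JWT for the given user record.
 *
 * The signing key comes from JWT_SECRET and the lifetime from JWT_EXPIRES_IN
 * (falling back to '7d'). jwt.sign is called without a callback, so a signing
 * failure surfaces as a thrown error.
 *
 * @param {object} user - a record from the users table
 * @returns {string} the signed token
 */
function issueToken(user) {
  const claims = { userId: user.id, username: user.username, ...toProfile(user) };
  const lifetime = process.env.JWT_EXPIRES_IN || '7d';
  return jwt.sign(claims, process.env.JWT_SECRET, { expiresIn: lifetime });
}

// POST /api/auth/login
router.post('/login', (req, res) => {
  const { username, password } = req.body || {};

  // Non-string values get the same 400 as missing ones, so only strings are
  // ever compared against stored credentials.
  if (!isNonEmptyString(username) || !isNonEmptyString(password)) {
    return res.status(400).json({ code: 400, message: '用户名和密码不能为空' });
  }

  const users = readTable('users');
  const user = users.find(
    (u) => u.username === username && passwordsMatch(u.password, password)
  );

  // One message for "unknown user" and "wrong password", so the response body
  // does not reveal which usernames exist.
  if (!user) {
    return res.status(401).json({ code: 401, message: '用户名或密码错误' });
  }

  const token = issueToken(user);
  return res.json({ code: 200, data: { token, ...toProfile(user) } });
});

// POST /api/auth/register
router.post('/register', (req, res) => {
  const { username, password, nickname } = req.body || {};

  // Without the type check an object or array could be persisted as a
  // username; it would never equal an existing entry, so the duplicate check
  // below would not catch it.
  if (!isNonEmptyString(username) || !isNonEmptyString(password)) {
    return res.status(400).json({ code: 400, message: '用户名和密码不能为空' });
  }

  const users = readTable('users');
  if (users.some((u) => u.username === username)) {
    return res.status(409).json({ code: 409, message: '用户名已存在' });
  }

  const newUser = {
    id: `user-${uuidv4()}`,
    username,
    password,
    // A nickname that is not a non-empty string is ignored, not stored as-is.
    name: isNonEmptyString(nickname) ? nickname : username,
    sex: 'unknown',
    isDriver: false,
    deptId: 0,
    deptName: '',
    roleList: ['user'],
    createdAt: new Date().toISOString(),
  };

  // Sign before persisting: if signing throws (for example JWT_SECRET is
  // unset), no account is left behind for which the caller never got a token.
  const token = issueToken(newUser);

  users.push(newUser);
  writeTable('users', users);

  return res.json({ code: 200, data: { token, ...toProfile(newUser) } });
});

// GET /api/auth/me
router.get('/me', authMiddleware, (req, res) => {
  // Presumably authMiddleware verifies the token and sets req.user; confirm
  // in ../middleware/auth.
  const users = readTable('users');
  const user = users.find((u) => u.id === req.user.userId);

  if (!user) {
    return res.status(404).json({ code: 404, message: '用户不存在' });
  }

  // The profile is read from the table, not echoed from the token claims, so
  // the response reflects the stored record.
  return res.json({ code: 200, data: toProfile(user) });
});

module.exports = router;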