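import type { Handle } from "@sveltejs/kit";
import { error, redirect } from "@sveltejs/kit";
import { env } from "$env/dynamic/private";
import SessionStore from "$lib/server/session_store";
import { init_db, close_db, create_user, do_users_exist } from "$lib/server/database";
import Logs from "$lib/server/log";

/**
 * First-run setup hook handed to every request through `event.locals.setup`.
 *
 * `user_setup` is a no-op unless `init()` finds that no users exist; in that
 * case it is replaced by a one-shot function that creates the first account
 * and then resets itself to the no-op.
 *
 * NOTE(review): the hook is attached to `event.locals` before the session
 * check in `handle`, so unauthenticated requests can reach it. While the user
 * table is empty, whichever client triggers it first owns the initial account.
 * Confirm that the route invoking it is only reachable by the operator during
 * first start (for example, gated by a setup secret or a loopback-only bind).
 */
let local_setup: { user_setup: (() => void) | ((username: string, password: string) => void) } = {
    user_setup: () => {},
};

/**
 * Validates the required environment, opens the database and arms the
 * first-user setup hook when the database holds no users.
 *
 * @throws Error when APP_USER_DATA_PATH or APP_TMP_USER_DATA_PATH is unset.
 */
async function init() {
    Logs.process.info("Initializing server");
    Logs.process.debug(`ORIGIN: ${env.ORIGIN}`);

    if (process.env.APP_USER_DATA_PATH == null) {
        throw new Error("APP_USER_DATA_PATH is not defined. Exiting.");
    }
    if (process.env.APP_TMP_USER_DATA_PATH == null) {
        throw new Error("APP_TMP_USER_DATA_PATH is not defined. Exiting.");
    }

    await init_db();

    // NOTE(review): do_users_exist() is used without `await`; if it returns a
    // Promise this condition is always false and setup is never armed — confirm
    // it is synchronous.
    if (!do_users_exist()) {
        local_setup.user_setup = (username: string, password: string) => {
            Logs.user.info("Creating first user");
            // The profile fields are fixed placeholder values; only the
            // credentials come from the caller.
            // NOTE(review): the password is passed on as received — presumably
            // create_user hashes it before storage; verify in the database module.
            create_user({
                name: "name",
                gender: "x",
                address: "home",
                username: username,
                password: password,
            });
            // Disarm after the first account so the hook cannot mint more users.
            local_setup.user_setup = () => {};
        };
    }

    Logs.process.info("Initializing of server complete");
}

/** Releases the database handle; called from the process "exit" handler. */
function deinit() {
    close_db();
}

process.on("exit", () => {
    deinit();
    Logs.process.info("Exiting server");
    // Deliberately no process.exit(0) here: calling it from inside the "exit"
    // handler overwrites the pending exit code, so a crash (uncaught exception,
    // failed init) would be reported to the supervisor as a clean shutdown.
});

// Turn Ctrl-C into a normal exit so the "exit" handler above closes the database.
// NOTE(review): SIGTERM is not handled here, so a supervisor stop may end the
// process without the "exit" handler running — confirm whether that matters
// for the database.
process.on("SIGINT", () => {
    Logs.process.info("Received SIGINT, shutting down");
    process.exit(0);
});

// Monitor only: records the failure, does not change how Node handles the exception.
process.on("uncaughtExceptionMonitor", (err, origin) => {
    Logs.process.fatal(`Encountered uncaught exception (origin: ${origin}): ${err.name}${err.cause ? (" caused by " + err.cause) : ""}: ${err.message} `);
});

await init();

/**
 * Server hook run for every request: exposes the setup hook, sets security
 * response headers, rejects unknown routes and enforces that every route
 * except "/login" has a valid session.
 *
 * Without a valid session: POST requests to routes other than "/login" get
 * 401, "/login" is resolved as-is, and everything else is redirected to
 * "/login" with the matched route id in the `redirect` query parameter.
 */
export const handle: Handle = async function ({ event, resolve }) {
    event.locals.setup = local_setup;

    // NOTE(review): the full href includes the query string; if any route
    // carries secrets in query parameters they will land in debug logs.
    Logs.route.debug(`incoming ${event.request.method} request to: ${event.url.href} (route id: ${event.route.id})`);

    // NOTE(review): confirm these headers are also present on the 401/404/302
    // responses produced below, not only on resolved pages.
    event.setHeaders({
        // HSTS is disabled here; re-enable it once the deployment is HTTPS-only,
        // or make sure the reverse proxy sends it.
        //"Strict-Transport-Security": "max-age=63072000; includeSubdomains; preload",
        "X-Frame-Options": "Deny",
        "X-Content-Type-Options": "nosniff",
        "Referrer-Policy": "strict-origin-when-cross-origin",
    });

    if (event.route.id == null) {
        Logs.route.info(`Tried to access a route which does not exist: ${event.url.href}`);
        return error(404, "This page does not exist.");
    }

    const token = event.cookies.get("session_id");
    // A missing cookie is looked up as ""; the `!token` check below still
    // rejects the request even if the store were to return a user for it.
    const user = SessionStore.get_user_by_access_token(token ?? "");
    Logs.user.debug(user ? `Found user ${user.id} for session token` : "No user for session token");

    if (!token || !user) {
        if (event.request.method === "POST" && event.route.id !== "/login") {
            return error(401, "Invalid Session");
        }

        if (token) {
            // Stale or forged session id: tell the browser to drop it.
            Logs.user.debug("recieved an invalid session id. Deleting on client.");
            event.cookies.delete("session_id", { path: "/" });
        }

        if (event.route.id === "/login") {
            return await resolve(event);
        }

        // The redirect target is the server-side route id, which overwrites any
        // client-supplied `redirect` value on this path. Requests made directly
        // to "/login" bypass this overwrite, so the login handler still has to
        // validate `redirect` as a same-origin path before following it.
        // NOTE(review): for parameterised routes the route id is the pattern
        // rather than the requested path — confirm the login page copes with that.
        event.url.searchParams.set("redirect", event.route.id);
        return redirect(302, `/login?${event.url.searchParams}`);
    }

    event.locals.user = user;
    return await resolve(event);
};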