const express = require('express');
const axios = require('axios');
const router = express.Router();

const EMBY_URL = process.env.EMBY_URL;
const EMBY_API_KEY = process.env.EMBY_API_KEY;

// Authenticate user with Emby
router.post('/login', async (req, res) => {
  try {
    const { username, password } = req.body;
    
    console.log(`[Auth] Attempting login for user: ${username}`);
    
    // Authenticate with Emby
    const authResponse = await axios.post(`${EMBY_URL}/Users/authenticatebyname`, {
      Username: username,
      Pw: password
    }, {
      headers: {
        'X-Emby-Authorization': `MediaBrowser Client="MediaDashboard", Device="Browser", DeviceId="dashboard-${Date.now()}", Version="1.0.0"`
      }
    });
    
    const authData = authResponse.data;
    console.log(`[Auth] Emby auth response:`, JSON.stringify(authData));
    
    // Get user info using the access token
    const userResponse = await axios.get(`${EMBY_URL}/Users/${authData.User.Id || authData.User.id}`, {
      headers: {
        'X-MediaBrowser-Token': authData.AccessToken
      }
    });
    
    const user = userResponse.data;
    console.log(`[Auth] User info:`, JSON.stringify(user));
    console.log(`[Auth] Login successful for user: ${user.Name}`);
    
    // Set authentication cookie
    const isAdmin = !!(user.Policy && user.Policy.IsAdministrator);
    res.cookie('emby_user', JSON.stringify({
      id: user.Id,
      name: user.Name,
      isAdmin: isAdmin,
      token: authData.AccessToken
    }), {
      httpOnly: true,
      maxAge: 24 * 60 * 60 * 1000 // 24 hours
    });
    
    res.json({
      success: true,
      user: {
        id: user.Id,
        name: user.Name,
        isAdmin: isAdmin
      }
    });
  } catch (error) {
    console.error(`[Auth] Login failed:`, error.message);
    res.status(401).json({ 
      success: false, 
      error: 'Invalid username or password' 
    });
  }
});

// Get current authenticated user
router.get('/me', (req, res) => {
  try {
    const userCookie = req.cookies.emby_user;
    
    if (!userCookie) {
      return res.json({ authenticated: false });
    }
    
    const user = JSON.parse(userCookie);
    res.json({
      authenticated: true,
      user: {
        id: user.id,
        name: user.name,
        isAdmin: !!user.isAdmin
      }
    });
  } catch (error) {
    console.error(`[Auth] Error getting current user:`, error.message);
    res.json({ authenticated: false });
  }
});

// Logout
router.post('/logout', (req, res) => {
  res.clearCookie('emby_user');
  res.json({ success: true });
});

module.exports = router;