import bcrypt from 'bcrypt';
import { getCollections } from '../db/mongo.js';
import pkg from '../package.json' with { type: "json" }

export function registerAuthRoutes(app) {
  const { usersCollection } = getCollections();
  const errText = 'Falsche Email oder falsches Passwort.' 


  app.get('/login', (req, res) => {
    const version = pkg.version
    const vdate = pkg.date
    res.render('login', { 
      error: null,
      version: version,
      vdate: vdate
    })
  });

  app.post('/login', async (req, res) => {
    const { email, password } = req.body;
    const user = await usersCollection.findOne({ email: email.toLowerCase() });
    if (!user) return res.render('login', { error: errText });
    const match = await bcrypt.compare(password, user.passwordHash);
    if (!match) return res.render('login', { error: errText });
  req.session.userId = user._id;
  req.session.isAdmin = user.role === 'admin';
  res.redirect('/');
  });

  app.get('/logout', (req, res) => {
    req.session.destroy(() => res.redirect('/login'));
  });
}