require("dotenv").config();
const express = require("express");
const cors = require("cors");
const User = require("./models/user.model");

const app = express();
app.use(express.json());

const allowedOrigins = [
  "http://localhost:3000",
  "https://costco.nicosaya.com",
  "https://costco.api.nicosaya.com",
];
app.use(
  cors({
    origin: function (origin, callback) {
      if (!origin) return callback(null, true);
      if (allowedOrigins.includes(origin)) return callback(null, true);
      if (/^http:\/\/192\.168\.\d+\.\d+/.test(origin)) return callback(null, true);
      if (/^https:\/\/192\.168\.\d+\.\d+/.test(origin)) return callback(null, true);
      callback(new Error("Not allowed by CORS"));
    },
    methods: ["GET", "POST", "PUT", "DELETE"],
  })
);

app.get('/', async (req, res) => {
  resText = `Grocery List API is running.\n` +
    `Roles available: ${Object.values(User.ROLES).join(', ')}`

  res.status(200).type("text/plain").send(resText);
});


const authRoutes = require("./routes/auth.routes");
app.use("/auth", authRoutes);

const listRoutes = require("./routes/list.routes");
app.use("/list", listRoutes);

const adminRoutes = require("./routes/admin.routes");
app.use("/admin", adminRoutes);

const usersRoutes = require("./routes/users.routes");
app.use("/users", usersRoutes);

const suggestController = require("./routes/suggest.routes");
app.get("/suggest", suggestController);


module.exports = app;