const bcrypt = require("bcryptjs");
const jwt = require("jsonwebtoken");
const User = require("../models/user.model");

exports.register = async (req, res) => {
  let { username, password, name } = req.body;
  username = username.toLowerCase();
  console.log(`🆕   Registration attempt for ${name} => username:${username}, password:${password}`);

  try {
    const hash = await bcrypt.hash(password, 10);
    const user = await User.createUser(username, hash, name);
    console.log(`✅   User registered: ${username}`);

    res.json({ message: "User registered", user });
  } catch (err) {
    res.status(400).json({ message: "Registration failed", error: err });
  }
};

exports.login = async (req, res) => {
  let { username, password } = req.body;

  username = username.toLowerCase();
  const user = await User.findByUsername(username);
  if (!user) {
    console.log(`⚠️   Login attempt -> No user found: ${username}`);
    return res.status(401).json({ message: "User not found" });
  }

  const valid = await bcrypt.compare(password, user.password);
  if (!valid) {
    console.log(`⛔   Login attempt for user ${username} with password ${password}`);
    return res.status(401).json({ message: "Invalid credentials" });
  }

  const token = jwt.sign(
    { id: user.id, role: user.role },
    process.env.JWT_SECRET,
    { expiresIn: "1d" }
  );

  res.json({ token, username, role: user.role });
};