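import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
import { prismaClient } from '../../../../common/database/prisma.lambda.service';
import { verifyUserToken } from '../../../../common/middlewares/jwt/authForUser';
import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
import ApiError from '../../../../common/utils/helper/ApiError';
import { UserService } from '../../services/user.service';

// Created once at module scope and shared by every invocation of this module.
const userService = new UserService(prismaClient);

/**
 * Verifies the passcode of the user identified by the `x-auth-token` header.
 *
 * The token is resolved to a user with `verifyUserToken`, the JSON body is
 * parsed, and `passcode` is handed to `UserService.verifyUserPasscode`.
 *
 * @param event - API Gateway proxy event carrying the token header and a JSON
 *   body of the form `{ "passcode": "..." }`.
 * @param context - Lambda context; not used by this handler.
 * @returns A 200 response with `{ success: true, message }` when the passcode
 *   is accepted.
 * @throws ApiError 400 when the token is missing, the body is not valid JSON,
 *   `passcode` is missing or not a string, or the passcode is rejected. How the
 *   error becomes an HTTP response is up to `safeHandler` (not visible here).
 */
export const handler = safeHandler(async (
  event: APIGatewayProxyEvent,
  context?: Context
): Promise<APIGatewayProxyResult> => {
  // HTTP header names are case-insensitive and API Gateway may deliver them in
  // whatever case the client sent. Keep the two historical spellings first,
  // then fall back to a case-insensitive scan. `headers` can be null on some
  // invocation paths (e.g. direct test invokes), hence the default.
  const headers = event.headers ?? {};
  const token =
    headers['x-auth-token'] ||
    headers['X-Auth-Token'] ||
    Object.entries(headers).find(([name]) => name.toLowerCase() === 'x-auth-token')?.[1];

  if (!token) {
    // NOTE(review): 401 is the conventional status for a missing credential;
    // 400 is kept so existing clients see the same response.
    throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
  }

  // Authenticate the caller; the user id comes from the verified token, never
  // from the request body.
  const userInfo = await verifyUserToken(token);
  const userId = userInfo.id;

  // NOTE(review): Number.isNaN only rejects a literal NaN; an undefined or
  // non-numeric id passes this check. Confirm verifyUserToken guarantees a
  // numeric id, or tighten the check once its return type is known.
  if (Number.isNaN(userId)) {
    throw new ApiError(400, 'User id must be a number');
  }

  // The body is untrusted: parse to `unknown` and narrow explicitly instead of
  // trusting a type annotation that the runtime does not enforce.
  let parsed: unknown;
  try {
    parsed = event.body ? JSON.parse(event.body) : {};
  } catch {
    throw new ApiError(400, 'Invalid JSON in request body');
  }

  // A JSON body of `null` (or any non-object) has no passcode; treat it as
  // missing rather than letting property access throw.
  const passcode =
    typeof parsed === 'object' && parsed !== null
      ? (parsed as { passcode?: unknown }).passcode
      : undefined;

  if (!passcode) {
    throw new ApiError(400, 'passcode is required');
  }

  // Reject numbers, arrays and objects so only a plain string reaches the
  // service layer and whatever comparison or query it performs.
  if (typeof passcode !== 'string') {
    throw new ApiError(400, 'passcode must be a string');
  }

  // NOTE(review): no attempt limiting or lockout is visible in this handler.
  // Confirm that verifyUserPasscode or an upstream layer throttles repeated
  // failures per user, since a short passcode is cheap to enumerate otherwise.
  const isValid = await userService.verifyUserPasscode(userId, passcode);

  if (!isValid) {
    throw new ApiError(400, 'Invalid passcode');
  }

  return {
    statusCode: 200,
    headers: {
      'Content-Type': 'application/json',
      // NOTE(review): wildcard CORS on an authenticated endpoint; consider
      // restricting to the known front-end origin(s).
      'Access-Control-Allow-Origin': '*',
    },
    body: JSON.stringify({
      success: true,
      message: 'Passcode verified successfully',
    }),
  };
});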