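import { NextRequest, NextResponse } from "next/server";
import bcrypt from "bcryptjs";
import jwt from "jsonwebtoken";
import prisma from "@/app/prisma";
import { z } from "zod/v4";

/**
 * Request body accepted by the login endpoint.
 *
 * NOTE(review): the password rules below look like a registration policy.
 * Enforcing them at login means an account whose stored password predates the
 * policy can never authenticate, and the rejection text tells a caller what the
 * policy is. Kept as the author wrote it — confirm this is intended.
 */
const schema = z.object({
  email: z.string().email("Invalid email address"),
  password: z
    .string()
    .min(8, "Password must be at least 8 characters long")
    .max(32, "Password must be at most 32 characters long")
    .regex(
      /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,32}$/,
      "Password must contain at least one lowercase letter, one uppercase letter, one digit, and one special character",
    ),
  remember: z.boolean().optional(),
});

/**
 * One failure message for both "unknown e-mail" and "wrong password", so the
 * response does not reveal which e-mail addresses have accounts.
 */
const INVALID_CREDENTIALS = "Invalid email or password";

/**
 * bcrypt hash of a fixed throw-away string, computed once at module load.
 * It is compared against when the e-mail is unknown so that both failure paths
 * pay the bcrypt cost, narrowing the timing difference between them. It is
 * never stored, and its comparison result is never trusted on its own.
 */
const DUMMY_HASH = bcrypt.hashSync("not-a-real-password", 10);

/**
 * POST /login — verifies e-mail + password and issues a JWT.
 *
 * Responses:
 * - 200 `{ message, token }` on success; the token payload is `{ id }` and it
 *   expires after 7 days when `remember` is true, otherwise after 1 hour.
 * - 400 `{ error }` when the body is not JSON or does not match `schema`
 *   (the first validation issue's message is returned).
 * - 401 `{ error }` when the e-mail is unknown or the password is wrong
 *   (same status and message for both cases).
 * - 500 `{ error }` when `JWT_SECRET` is unset or an unexpected error occurs.
 *
 * Side effect: on success, `user.lastLogin` is set to the current time.
 *
 * @param request - incoming Next.js request whose JSON body should match `schema`.
 * @returns the JSON response described above.
 */
export async function POST(request: NextRequest): Promise<NextResponse> {
  // Detect misconfiguration before any database or hashing work is done.
  const jwtSecret = process.env.JWT_SECRET;
  if (!jwtSecret) {
    return NextResponse.json({ error: "No JWT secret found" }, { status: 500 });
  }

  let rawBody: unknown;
  try {
    rawBody = await request.json();
  } catch {
    // A body that is not valid JSON is a client error, not a server fault.
    return NextResponse.json({ error: "Invalid JSON body" }, { status: 400 });
  }

  const parsed = schema.safeParse(rawBody);
  if (!parsed.success) {
    return NextResponse.json(
      { error: parsed.error.issues[0]?.message ?? "Invalid request body" },
      { status: 400 },
    );
  }
  const body = parsed.data;

  try {
    const user = await prisma.user.findUnique({ where: { email: body.email } });

    // Run exactly one bcrypt comparison whether or not the user exists, then
    // reject on either condition; a match against DUMMY_HASH alone never passes.
    const passwordMatches = await bcrypt.compare(
      body.password,
      user?.password ?? DUMMY_HASH,
    );
    if (!user || !passwordMatches) {
      return NextResponse.json({ error: INVALID_CREDENTIALS }, { status: 401 });
    }

    const token = jwt.sign({ id: user.id }, jwtSecret, {
      expiresIn: body.remember ? "7d" : "1h",
    });

    await prisma.user.update({
      where: { id: user.id },
      data: { lastLogin: new Date() },
    });

    return NextResponse.json({ message: "Login successful", token }, { status: 200 });
  } catch (error: unknown) {
    // Keep the detail server-side for diagnosis; the client gets a generic
    // message so database or library internals are not exposed.
    console.error("login: unexpected error", error);
    return NextResponse.json({ error: "Internal Server Error" }, { status: 500 });
  }
}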