spurrin-backend/src/routes/hospitals.js

const express = require("express");
const multer = require("multer");
const fs = require("fs");
const jwt = require("jsonwebtoken"); // Make sure jwt is required
const authMiddleware = require("../middlewares/authMiddleware");
const hospitalModel = require("../models/hospitalModel"); // Ensure the model is imported correctly
const router = express.Router();
const hospitalController = require("../controllers/hospitalController");
const db = require("../config/database"); // Database connection
// POST /create-hospital: token-protected; the request is handled entirely by
// hospitalController.createHospital once authenticateToken has passed it on.
router.post("/create-hospital", authMiddleware.authenticateToken, hospitalController.createHospital);
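// Multer disk storage for hospital logo uploads.
//
// Files are written under uploads/logos/ with a server-generated name. The
// extension is chosen from a fixed allowlist keyed on the declared MIME type
// and is never copied from the client-supplied original filename, so a
// request cannot decide which extension ends up in the stored path.
const storage = multer.diskStorage({
  /**
   * Resolve (and create if needed) the directory that receives logo files.
   * Errors from directory creation are reported through the multer callback
   * instead of being thrown from inside it.
   */
  destination: (req, file, cb) => {
    const uploadPath = "uploads/logos/";
    try {
      // With { recursive: true } mkdirSync succeeds when the directory already
      // exists, so a separate existsSync probe is unnecessary.
      fs.mkdirSync(uploadPath, { recursive: true });
    } catch (mkdirError) {
      return cb(mkdirError);
    }
    cb(null, uploadPath);
  },
  /**
   * Build the on-disk filename: <fieldname>-<timestamp>-<random>.<ext>.
   * Rejects the file when its declared MIME type is not in the allowlist.
   */
  filename: (req, file, cb) => {
    // Raster formats accepted for logos. SVG is left out on purpose because it
    // can carry active content when served back from this origin.
    const extensionByMimeType = {
      "image/png": "png",
      "image/jpeg": "jpg",
      "image/gif": "gif",
      "image/webp": "webp",
    };
    const hasKnownType = Object.prototype.hasOwnProperty.call(
      extensionByMimeType,
      file.mimetype
    );
    if (!hasKnownType) {
      return cb(new Error("Unsupported image type"));
    }
    // NOTE(review): file.mimetype is the Content-Type declared by the client;
    // the file content itself is not inspected here. Serving uploads with
    // X-Content-Type-Options: nosniff is the complementary control.
    const fileExtension = extensionByMimeType[file.mimetype];
    const uniqueSuffix = Date.now() + "-" + Math.round(Math.random() * 1e9);
    cb(null, `${file.fieldname}-${uniqueSuffix}.${fileExtension}`);
  },
});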
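// Shared multer instance. upload.single("logo") stores one image through the
// disk storage above; upload.none() is used by routes that only need the text
// fields of a multipart form.
const upload = multer({
  storage,
  // Bound what a single request can push to disk. Without limits multer
  // accepts files of any size.
  // NOTE(review): 5 MiB is a conservative ceiling for a logo; adjust it if
  // larger assets are a real requirement.
  limits: {
    fileSize: 5 * 1024 * 1024,
    files: 1,
  },
  fileFilter: (req, file, cb) => {
    // file.mimetype is the type declared by the client, not one derived from
    // the file content, so this is a coarse first filter only.
    if (file.mimetype.startsWith("image/")) {
      cb(null, true);
    } else {
      cb(new Error("Only image files are allowed"), false);
    }
  },
});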
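// Route for uploading hospital logo.
//
// Flow: authenticate -> multer stores the "logo" part on disk -> re-read the
// access token to get the caller's id -> look the caller up in hospital_users
// -> point that hospital at the new logo URL.
//
// Multer has already written the file by the time this handler runs, so every
// failure path removes it again; otherwise rejected requests would leave
// orphaned files under uploads/logos/.
router.post(
  "/upload-logo",
  authMiddleware.authenticateToken, // Runs first so unauthenticated requests never reach multer
  upload.single("logo"), // Multer middleware to handle single file upload
  async (req, res) => {
    // Set once the database references the stored file; after that the file
    // must not be deleted even if a later step throws.
    let logoSaved = false;

    // Best-effort removal of the file multer stored for this request.
    const discardUpload = () => {
      if (logoSaved || !req.file || !req.file.path) {
        return;
      }
      fs.unlink(req.file.path, (unlinkError) => {
        if (unlinkError) {
          console.error("Error removing rejected upload:", unlinkError.message);
        }
      });
    };

    try {
      // Extract the bearer token from the Authorization header.
      const authHeader = req.headers["authorization"];
      const token = authHeader && authHeader.split(" ")[1];
      if (!token) {
        discardUpload();
        return res.status(401).json({ error: "Access token required" });
      }

      // Verify the token to obtain the caller's user id.
      // NOTE(review): authenticateToken has already accepted this request; if
      // it exposes the decoded claims on req, reuse them instead of verifying
      // twice. Also consider pinning the accepted algorithm(s) in jwt.verify
      // to whatever the signing side uses.
      const decoded = jwt.verify(token, process.env.JWT_ACCESS_TOKEN_SECRET);
      const { id } = decoded;
      // NOTE(review): the token's role claim is not checked here, so any
      // authenticated hospital user can replace the logo. Confirm that this
      // is the intended policy.

      // Check if a file is uploaded
      if (!req.file) {
        return res
          .status(400)
          .json({ error: "No file uploaded or invalid field name" });
      }

      // Public URL of the stored file (name generated by the multer storage).
      const logoUrl = `/uploads/logos/${req.file.filename}`;

      // Look up the caller's hospital_users row (parameterized query).
      const hospitalquery = `SELECT * FROM hospital_users WHERE id = ?`;
      const [hospital] = await db.query(hospitalquery, [id]);

      // db.query's return shape is not visible in this file. If it resolves to
      // [rows, fields], `hospital` is the rows array and the record is its
      // first element; if it resolves to the rows directly, `hospital` is
      // already the record. Normalise so hospital_id is read from the row in
      // both cases.
      const hospitalUser = Array.isArray(hospital) ? hospital[0] : hospital;

      // If no hospital is found, return an error
      if (!hospitalUser) {
        discardUpload();
        return res
          .status(404)
          .json({ error: "Hospital not found for this user" });
      }

      // Update hospital with new logo URL
      const updatedHospital = await hospitalModel.updateHospitalLogo(
        hospitalUser.hospital_id,
        logoUrl
      );
      logoSaved = true;

      // Return success message with updated hospital data
      res.status(200).json({
        message: "Logo uploaded and hospital updated successfully!",
        hospital: updatedHospital,
      });
    } catch (error) {
      discardUpload();
      console.error("Error handling upload:", error.message);

      // jsonwebtoken reports expiry and not-yet-valid tokens under their own
      // error names; all three are authentication failures, not server errors.
      const tokenErrorNames = [
        "JsonWebTokenError",
        "TokenExpiredError",
        "NotBeforeError",
      ];
      if (tokenErrorNames.includes(error.name)) {
        return res.status(401).json({ error: "Invalid or expired token" });
      }

      // Handle other unexpected errors
      res.status(500).json({ error: "Internal server error" });
    }
  }
);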
// Token-protected hospital routes, registered in the order listed. Each entry
// is [HTTP method, path, controller handler]; every one is guarded by
// authMiddleware.authenticateToken before the handler runs.
//
//   GET    /list         list of hospitals
//   GET    /list/:id     a single hospital from the list
//   PUT    /update/:id   update a hospital
//   DELETE /delete/:id   delete a hospital
//   GET    /users        all users of a hospital
//   GET    /colors       colors configured for a hospital
//
// NOTE(review): this file only enforces that a valid token is present. Whether
// the caller may act on the hospital named by :id has to be enforced inside
// the controllers, which are not visible here.
for (const [method, path, handler] of [
  ["get", "/list", hospitalController.getHospitalList],
  ["get", "/list/:id", hospitalController.getHospitalById],
  ["put", "/update/:id", hospitalController.updateHospital],
  ["delete", "/delete/:id", hospitalController.deleteHospital],
  ["get", "/users", hospitalController.getAllHospitalUsers],
  ["get", "/colors", hospitalController.getColorsFromHospital],
]) {
  router[method](path, authMiddleware.authenticateToken, handler);
}
// Temporary-password flows. upload.none() parses text-only multipart forms.
//
// NOTE(review): none of these four routes applies
// authMiddleware.authenticateToken, so they are reachable without a token.
// That is presumably deliberate for password recovery; it makes controller-side
// verification of the caller and request throttling the only controls on these
// endpoints. Confirm both exist.

// Send a temporary password to a super admin.
router.post("/send-temp-password", upload.none(), hospitalController.sendTempPassword);

// Change the password of a super admin.
router.post("/change-password", upload.none(), hospitalController.changeTempPassword);

// Send a temporary password to an admin or viewer.
router.post("/send-temp-password-av", upload.none(), hospitalController.sendTemporaryPassword);

// Change the password of an admin or viewer.
router.post(
  "/change-password-av",
  upload.none(),
  hospitalController.changeTempPasswordAdminsViewers
);
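// Authenticated routes that accept text-only multipart forms.
//
// authenticateToken is placed before upload.none() so that requests without a
// valid token are rejected before any multipart body is parsed. This matches
// the ordering already used by /upload-logo, where the same middleware runs
// ahead of multer.

// update admin name
router.post(
  "/update-admin-name",
  authMiddleware.authenticateToken,
  upload.none(),
  hospitalController.updateHospitalName
);

// check newly registered app user's notification
router.post(
  "/check-user-notification",
  authMiddleware.authenticateToken,
  upload.none(),
  hospitalController.checkNewAppUser
);

// update app user's notification status
router.put(
  "/update-user-notification/:id",
  authMiddleware.authenticateToken,
  hospitalController.updateAppUserChecked
);

// app users interaction logs based on hospital_code
router.post(
  "/interaction-logs",
  authMiddleware.authenticateToken,
  upload.none(),
  hospitalController.interactionLogs
);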
// Public signup/login switch for a hospital, addressed by :id.
// PUT changes the setting and GET reads it; both require a valid token.
// NOTE(review): whether the caller is allowed to change this setting for the
// given :id is decided in the controller, which is not visible here.
router.put("/public-signup/:id", authMiddleware.authenticateToken, hospitalController.updatePublicSignup);
router.get("/public-signup/:id", authMiddleware.authenticateToken, hospitalController.getPublicSignup);

// Expose the configured router to the application.
module.exports = router;