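const multer = require('multer');
const path = require('path');
const userService = require('../services/userService');

/**
 * Returns a printable message for whatever was thrown.
 *
 * The service layer signals outcomes by throwing Errors whose message is
 * substring-matched below. A non-Error throw (string, undefined, ...) must not
 * turn the catch block itself into a TypeError on `error.message`.
 *
 * @param {unknown} error - value caught by a handler
 * @returns {string} the message, or '' for null/undefined
 */
function messageOf(error) {
  if (error instanceof Error) {
    return error.message;
  }
  return error == null ? '' : String(error);
}

/**
 * Logs a service error and sends the HTTP response for it.
 *
 * `rules` is checked in order; the first rule whose substring(s) appear in the
 * message wins and its status is sent with the message echoed in the body
 * (these are the service's own validation/authorization messages). Anything
 * unmatched is an unexpected failure: it is logged server-side but the client
 * only receives a generic body, so internal details never leak.
 *
 * @param {import('express').Response} res
 * @param {string} logPrefix - prefix for the server-side console.error line
 * @param {unknown} error - whatever the service threw
 * @param {Array<[string | string[], number]>} rules - [substring(s), status] pairs, in priority order
 */
function sendServiceError(res, logPrefix, error, rules) {
  const message = messageOf(error);
  console.error(logPrefix, message);
  for (const [needles, status] of rules) {
    const candidates = Array.isArray(needles) ? needles : [needles];
    if (candidates.some((needle) => message.includes(needle))) {
      return res.status(status).json({ error: message });
    }
  }
  return res.status(500).json({ error: 'Internal server error' });
}

/**
 * Extracts the bearer token from the Authorization header.
 *
 * Mirrors the original `authHeader && authHeader.split(' ')[1]`: a missing
 * header or a header without a second token yields undefined, which the
 * service reports as "Access token required".
 *
 * @param {import('express').Request} req
 * @returns {string | undefined}
 */
function bearerToken(req) {
  const header = req.headers.authorization;
  return typeof header === 'string' && header !== '' ? header.split(' ')[1] : undefined;
}

/**
 * POST handler: creates a user inside a hospital.
 * Body: hospital_id, role_id and the remaining user fields (including password).
 * The caller's own role and hospital_id (from req.user) are passed so the
 * service can enforce who may create whom.
 * 201 on success; 403 on 'Access denied' / 'Email already exists' (kept at 403
 * for API compatibility although 409 would be conventional); 404 on 'not found'.
 */
exports.addUser = async (req, res) => {
  try {
    const { hospital_id, role_id, ...rest } = req.body;
    // `rest` already contains `password` when the client sent one.
    const result = await userService.addUser(
      hospital_id,
      role_id,
      rest,
      req.user.role,
      req.user.hospital_id,
    );
    res.status(201).json(result);
  } catch (error) {
    // Unmatched errors now get the generic 500 body like every other handler
    // instead of echoing the raw error message.
    sendServiceError(res, 'Error adding user:', error, [
      [['Access denied', 'Email already exists'], 403],
      ['not found', 404],
    ]);
  }
};

/**
 * GET handler: lists the users of one hospital.
 * Path param hospital_id is parsed as base-10; a non-numeric value becomes NaN
 * and is rejected by the service with 'Invalid hospital ID' (400).
 * 403 on 'not authorized'.
 */
exports.getUsersByHospital = async (req, res) => {
  try {
    const hospital_id = Number.parseInt(req.params.hospital_id, 10);
    const result = await userService.getUsersByHospital(
      hospital_id,
      req.user.role,
      req.user.hospital_id,
    );
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error fetching users:', error, [
      ['Invalid hospital ID', 400],
      ['not authorized', 403],
    ]);
  }
};

/**
 * GET handler: returns the profile-photo record for user :id.
 * 403 on 'not authorized'; 404 on 'not found'.
 */
exports.getProfilePhoto = async (req, res) => {
  try {
    const userId = req.params.id;
    const result = await userService.getProfilePhoto(userId, req.user.role);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error fetching profile photo:', error, [
      ['not authorized', 403],
      ['not found', 404],
    ]);
  }
};

/**
 * POST handler: authenticates with email + password.
 * 401 on 'Invalid email or password' (the service uses one message for both
 * unknown email and wrong password, so the response does not reveal which).
 */
exports.login = async (req, res) => {
  try {
    const { email, password } = req.body;
    const result = await userService.login(email, password);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Login error:', error, [
      ['Invalid email or password', 401],
    ]);
  }
};

/**
 * POST handler: invalidates the bearer token from the Authorization header.
 * 401 on 'Access token required'; 403 on 'Unauthorized access'.
 */
exports.logout = async (req, res) => {
  try {
    const result = await userService.logout(bearerToken(req));
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error during logout:', error, [
      ['Access token required', 401],
      ['Unauthorized access', 403],
    ]);
  }
};

// ---------------------------------------------------------------------------
// Profile-photo upload configuration.
//
// Both `file.mimetype` and `file.originalname` are supplied by the client and
// are untrusted. The original filter only checked the MIME prefix, so the
// stored file could carry any client-chosen extension (e.g. a script or
// markup extension) while still "being an image". The filter now requires the
// MIME type to be image/* AND the extension to be in an explicit allowlist,
// and the stored name is built from server-generated parts plus that vetted
// extension only. SVG is deliberately not allowed: it can embed scripts and
// is dangerous when served inline.
// ---------------------------------------------------------------------------
const ALLOWED_PHOTO_EXTENSIONS = new Set(['.jpg', '.jpeg', '.png', '.gif', '.webp']);
const MAX_PHOTO_BYTES = 5 * 1024 * 1024; // 5 MB

/**
 * Lower-cased extension of the uploaded file's client-supplied name ('' if none).
 * @param {{ originalname?: string }} file
 * @returns {string}
 */
function photoExtension(file) {
  return path.extname(file.originalname ?? '').toLowerCase();
}

const storage = multer.diskStorage({
  // Relative to the process working directory; the directory must exist.
  destination: (req, file, cb) => {
    cb(null, 'uploads/profile_photos');
  },
  // <fieldname>-<timestamp>-<random><ext>; the random part is only for
  // uniqueness, not secrecy, so Math.random is adequate here.
  filename: (req, file, cb) => {
    const uniqueSuffix = `${Date.now()}-${Math.round(Math.random() * 1e9)}`;
    cb(null, `${file.fieldname}-${uniqueSuffix}${photoExtension(file)}`);
  },
});

const upload = multer({
  storage,
  fileFilter: (req, file, cb) => {
    const isImageMime = file.mimetype.startsWith('image/');
    if (isImageMime && ALLOWED_PHOTO_EXTENSIONS.has(photoExtension(file))) {
      cb(null, true);
    } else {
      cb(new Error('Only image files are allowed'), false);
    }
  },
  limits: { fileSize: MAX_PHOTO_BYTES },
}).single('profile_photo');

/**
 * POST handler: stores a profile photo for the authenticated user (req.user.id).
 * Multer rejections (filter, size limit) and a missing file are client faults
 * (400); a failure while persisting the photo record is a 500.
 */
exports.uploadProfilePhoto = async (req, res) => {
  upload(req, res, async (err) => {
    if (err) {
      const message = messageOf(err);
      console.error('Error uploading file:', message);
      return res.status(400).json({ error: message });
    }
    // Without this check an absent field would reach the service as undefined.
    if (!req.file) {
      return res.status(400).json({ error: 'No file uploaded' });
    }
    try {
      const result = await userService.uploadProfilePhoto(req.user.id, req.file);
      res.status(200).json(result);
    } catch (error) {
      console.error('Error updating photo URL in database:', messageOf(error));
      res.status(500).json({ error: 'Internal server error' });
    }
  });
};

/**
 * PUT/PATCH handler: edits hospital user :id with the fields in the body.
 * 403 on 'Access denied'; 404 on 'not found'; 400 on 'No valid fields'.
 */
exports.editHospitalUser = async (req, res) => {
  try {
    const { id } = req.params;
    const result = await userService.editHospitalUser(id, req.body, req.user.role);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error editing hospital user:', error, [
      ['Access denied', 403],
      ['not found', 404],
      ['No valid fields', 400],
    ]);
  }
};

/**
 * DELETE handler: removes hospital user :id.
 * 403 on 'Access denied'; 404 on 'not found'.
 */
exports.deleteHospitalUser = async (req, res) => {
  try {
    const { id } = req.params;
    const result = await userService.deleteHospitalUser(id, req.user.role);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error deleting hospital user:', error, [
      ['Access denied', 403],
      ['not found', 404],
    ]);
  }
};

// Shared status mapping for the two refresh-token exchange endpoints.
const ACCESS_TOKEN_RULES = [
  ['required', 400],
  ['Invalid or expired', 403],
];

/**
 * POST handler: exchanges a refresh token (+ user_id) for a new access token.
 * 400 on 'required'; 403 on 'Invalid or expired'.
 */
exports.getAccessToken = async (req, res) => {
  try {
    const { refreshToken, user_id } = req.body;
    const result = await userService.getAccessToken(refreshToken, user_id);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error generating access token:', error, ACCESS_TOKEN_RULES);
  }
};

/**
 * POST handler: same exchange as getAccessToken, for the Spurrin admin flow.
 * 400 on 'required'; 403 on 'Invalid or expired'.
 */
exports.getAccessTokenForSpurrinadmin = async (req, res) => {
  try {
    const { refreshToken, user_id } = req.body;
    const result = await userService.getAccessTokenForSpurrinadmin(refreshToken, user_id);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error generating access token:', error, ACCESS_TOKEN_RULES);
  }
};

/**
 * GET handler: returns the stored refresh token for :user_id / :role_id.
 * 400 on 'Invalid role_id'; 404 on 'not found'.
 *
 * NOTE(review): this hands out a refresh token for whatever user_id/role_id
 * is in the path and no authorization input (req.user) is passed to the
 * service; confirm the route is mounted behind authentication and that the
 * service restricts which callers may read another user's token.
 */
exports.getRefreshTokenByUserId = async (req, res) => {
  try {
    const { user_id, role_id } = req.params;
    const result = await userService.getRefreshTokenByUserId(user_id, role_id);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error fetching refresh token:', error, [
      ['Invalid role_id', 400],
      ['not found', 404],
    ]);
  }
};

/**
 * POST handler: resolves a hospital user id from email + password.
 * 400 on 'required'; 401 on 'Invalid email or password' / 'not found'.
 */
exports.getHospitalUserId = async (req, res) => {
  try {
    const { email, password } = req.body;
    const result = await userService.getHospitalUserId(email, password);
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error fetching hospital user:', error, [
      ['required', 400],
      [['Invalid email or password', 'not found'], 401],
    ]);
  }
};

/**
 * POST/PUT handler: sets a new password for user :id.
 * The bearer token is passed to the service so it can verify the token belongs
 * to :id. 400 on 'required'; 401 on 'Invalid or expired token';
 * 403 on 'Token user does not match'; 404 on 'not found'.
 */
exports.updatePassword = async (req, res) => {
  try {
    const { id } = req.params;
    const { new_password } = req.body;
    const result = await userService.updatePassword(id, new_password, bearerToken(req));
    res.status(200).json(result);
  } catch (error) {
    sendServiceError(res, 'Error updating password:', error, [
      ['required', 400],
      ['Invalid or expired token', 401],
      ['Token user does not match', 403],
      ['not found', 404],
    ]);
  }
};

// Trailing reference kept exactly as in the original; the statement may
// continue beyond this chunk of the file.
module.exports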