const express = require("express");
const session = require("express-session");
const bodyParser = require("body-parser");
const mysql = require("mysql2");
const cors = require("cors")

const app = express();
const port = 3000;

const db = mysql.createConnection({
    host: "127.0.0.1",
    port: 3306,
    user: "root",
    password: "123456",
    database: "express_db"
})

db.connect((err) => {
    if (err) {
        console.log("Error connect to MySQL database:", err);
        return;
    }
    console.log("Connected to MySQL database");
})


app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(cors({
    origin: "http://127.0.0.1:3000",
    method: ["GET", "POST"],
    allowedHeaders: ['Content-Type', "Authorization"]
}))
app.use(session({
    secret: "secret-key",
    resave: false,
    saveUninitialized: true,
    cookie: { secret: false }
}));

const isAuthorization = (req, res, next) => {
    if (req.session.user)
        next();
    else
        res.status(401).send("You are not authorization")
};

app.post("/login", (req, res) => {
    const { username, password } = req.body;
    const sql = "SELECT username, password FROM users WHERE username = ? AND password = ?"
    db.query(sql, [username, password], (err, result) => {
        if (err) {
            res.status(500).send("query database failed");
            return;
        }

        if (result.length > 0) {
            req.session.user = result[0];
            res.send("Login successful!");
        } else {
            res.send("Login failed.");
        }
    })
});

app.post("/register", (req, res) => {
    const { username, password } = req.body;
    const sql = "INSERT INTO users (username, password) VALUES (?, ?)"
    db.query(sql, [username, password], (err, result) => {
        if (err) {
            console.log(err);

            res.status(500).send("query database failed");
            return
        }

        res.send("Register successful!");
    })
})

app.get("/ucenter", isAuthorization, (req, res) => {
    const user = req.session.user;
    res.send(`hello ${user.username}, welcome to ucenter`);
})

app.get("/orders", isAuthorization, (req, res) => {
    const user = req.session.user;
    res.send(`hello ${user.username}, welcome to orders`);
})

app.listen(port, () => {
    console.log(`Server is running on http://localhost:${port}`);

})