"use strict";

/**
 * end-user controller
 */

const { factories } = require("@strapi/strapi");
const { getService } = require("@strapi/plugin-users-permissions/server/utils");

module.exports = factories.createCoreController(
  "api::end-user.end-user",
  ({ strapi: Strapi }) => ({
    // Method 1: Creating an entirely custom action
    // async finishEndUserOtpVerification(ctx) {
    //   (await strapi.service) <
    //     PostService >
    //     "api::post.post".exampleService({});
    //   try {
    //     ctx.body = "ok";
    //   } catch (err) {
    //     ctx.body = err;
    //   }
    // },

    // Method 1: Creating an entirely custom action
    async finishEndUserOtpVerification(ctx) {
      const { mobileNo, oneTimePassword } = ctx.request.body;

      // 1. Identify the end-user record using the above.
      const endUser = await strapi.query("api::end-user.end-user").findOne({
        populate: ["user"],
        where: {
          $and: [{ publishedAt: { $null: true } }, { mobileNo: mobileNo }],
        },
      });

      if (!endUser) {
        throw new ValidationError("Invalid mobile number.");
      }

      // 2. Then identify the user record using step 1.
      // 3. Verify otp.
      const user = await strapi
        .query("plugin::users-permissions.user")
        .findOne({
          where: {
            $and: [
              { id: endUser.user.id },
              { oneTimePassword: oneTimePassword },
            ],
          },
        });
      if (!user || user.blocked) {
        throw new ValidationError("Code provided is not valid.");
      }

      // 4. stamp otp in user to null.
      await getService("user").edit(user.id, {
        oneTimePassword: null,
        password: oneTimePassword,
      });

      // 5. change from draft to published.
      await strapi.entityService.update("api::end-user.end-user", endUser.id, {
        data: {
          publishedAt: new Date(),
        },
      });

      // TODO: at this point we might have to invoke a Hiranandani API to send the newly registered user there.
      ctx.send({ ok: true, message: "user registered" });
    },

    // Wrapping a core action (leaves core logic in place)
    async create(ctx) {
      console.log("ctx.request.body", ctx.request.body);
      try {
        const spretoLeadData = await strapi
          .service("api::lead.lead")
          .sendLeadToSperto(ctx.request.body.data);
        // console.log("spretoLeadData.data", spretoLeadData.data);
        ctx.request.body.data.httpRequestHeaders = JSON.stringify(
          spretoLeadData.headers
        );
        ctx.request.body.data.httpRequestMethod = spretoLeadData.config.method;
        ctx.request.body.data.httpRequestUrl = spretoLeadData.config.url;
        ctx.request.body.data.httpsRequestBody = spretoLeadData.config.data;
        ctx.request.body.data.httpResposneBody = JSON.stringify(
          spretoLeadData.data
        );
        ctx.request.body.data.thirdPartyApiError = false;
      } catch (error) {
        ctx.request.body.data.httpRequestHeaders = JSON.stringify(
          error.config.headers
        );
        ctx.request.body.data.httpRequestMethod = error.config.method;
        ctx.request.body.data.httpRequestUrl = error.config.url;
        ctx.request.body.data.httpsRequestBody = error.config.data;
        ctx.request.body.data.httpResposneBody = JSON.stringify(error.message);
        ctx.request.body.data.thirdPartyApiError = true;
      }
      const currentUser = ctx.state.user;
      // 2. check if the current user already has an existing business listing (existingEndUser) against their name.
      const existingEndUser = await strapi.entityService.findMany(
        "api::end-user.end-user",
        {
          fields: ["id"],
          filters: { mobileNo: ctx.request.body.data.mobileNo },
        }
      );

      const oneTimePassword = Math.floor(100000 + Math.random() * 900000);

      const emailToSend = {
        to: ctx.request.body.data.email,
        from: undefined,
        replyTo: undefined,
        subject: `Your one time password is: ${oneTimePassword}`,
        text: `Hello ${"Jay Mehta"}, Your one time password to login to your end user portal is ${oneTimePassword}`,
        html: `<p>Hello ${"Jay Mehta"}, <br></br>Your one time password to login to your end user portal is ${oneTimePassword}</p><br /> Best Regards, <br /> Team Hiranandani.`,
      };

      // NOTE: Update the user before sending the email so an Admin can generate the link if the email fails

      await strapi.entityService.update(
        "plugin::users-permissions.user",
        currentUser.id,
        {
          data: {
            oneTimePassword: `${oneTimePassword}`,
          },
        }
      );

      // Send an email to the user.
      // await strapi.plugin("email").service("email").send(emailToSend).sendOTPToSpreto({...ctx.request.body.data,body: emailToSend });
      const spretoOTP = await strapi
        .service("api::end-user.end-user")
        .sendOTPToSpreto(ctx.request.body.data);
      // TODO: Send SMS.

      if (existingEndUser && existingEndUser.length !== 0) {
        console.log(`Found existing end user: `);
        console.log(existingEndUser);

        // This makes sure that we are updating the existing business listing only.
        ctx.params.id = existingEndUser[0].id;
        return super.update(ctx);
      } else {
        // We make sure that the newly created listing is created against the current business owner.
        ctx.request.body.data["user"] = currentUser.id;

        // Now go ahead and create the listing.
        return await super.create(ctx);
      }
    },
  })
);