import { Router } from 'express';
import Stripe from 'stripe';
import { authMiddleware } from '../auth.js';
import { query } from '../db.js';

const router = Router();
const stripe = new Stripe(process.env.STRIPE_SECRET_KEY || '', {
  apiVersion: '2024-06-20'
});

router.post('/api/wallet/deposit-intent', authMiddleware, async (req, res) => {
  try {
    const amount = Number(req.body.amount);
    if (!Number.isFinite(amount) || amount < 50 || amount > 100) {
      return res.status(400).json({ error: 'A feltoltes 50 es 100 Ft kozott lehet.' });
    }

    const paymentIntent = await stripe.paymentIntents.create({
      amount,
      currency: 'huf',
      automatic_payment_methods: { enabled: true },
      metadata: {
        userId: String(req.userId)
      }
    });

    await query(
      'INSERT INTO deposits (user_id, amount, stripe_payment_intent_id, status) VALUES (?, ?, ?, ?)',
      [req.userId, amount, paymentIntent.id, 'created']
    );

    return res.json({ clientSecret: paymentIntent.client_secret, paymentIntentId: paymentIntent.id });
  } catch (err) {
    return res.status(500).json({ error: 'Nem sikerult letrehozni a fizetest.' });
  }
});

router.post('/api/wallet/confirm', authMiddleware, async (req, res) => {
  try {
    const paymentIntentId = req.body.paymentIntentId?.toString();
    if (!paymentIntentId) {
      return res.status(400).json({ error: 'Hianyzo paymentIntentId.' });
    }

    const rows = await query(
      'SELECT id, status, amount FROM deposits WHERE user_id = ? AND stripe_payment_intent_id = ?',
      [req.userId, paymentIntentId]
    );
    const deposit = rows[0];
    if (!deposit) {
      return res.status(404).json({ error: 'Ismeretlen befizetes.' });
    }

    const intent = await stripe.paymentIntents.retrieve(paymentIntentId);
    if (intent.status !== 'succeeded') {
      return res.json({ status: intent.status });
    }

    if (deposit.status !== 'succeeded') {
      await query(
        'UPDATE deposits SET status = ? WHERE id = ?',
        ['succeeded', deposit.id]
      );
      await query('UPDATE users SET balance = balance + ? WHERE id = ?', [deposit.amount, req.userId]);
    }

    const balanceRows = await query('SELECT balance FROM users WHERE id = ?', [req.userId]);
    const balance = balanceRows[0]?.balance ?? 0;
    return res.json({ status: 'succeeded', balance });
  } catch (err) {
    return res.status(500).json({ error: 'Nem sikerult a befizetes ellenorzese.' });
  }
});

export default router;