const asyncHandler = require("express-async-handler");
const jwt = require("jsonwebtoken");
const bcrypt = require("bcryptjs");
const User = require("../models/user.js");

let opts = {};

exports.post = asyncHandler(async (req, res, next) => {
  const admin = await User.findOne({}).lean().exec(); // only one user in DB - admin. pull it up, jamie!
  const { username, password } = req.body; // get fields from body
  if (username === admin.username) {
    console.log();
    const match = await bcrypt.compare(password, admin.password); // compare bcrypt hashed passwords
    if (match) {
      opts.expiresIn = 120;
      const token = jwt.sign({ username }, process.env.SECRET_KEY, opts); // create token and return below
      return res.status(200).json({
        message: "Authentication complete",
        token,
      });
    }
  }
  return res.status(401).json({ message: "Authentication failed" }); // get rekt nerd
});