import 'dotenv/config';
import express from 'express';
import cors from 'cors';
import helmet from 'helmet';
import cookieParser from 'cookie-parser';
import { env } from './config/env.js';
import { logger } from './lib/logger.js';
import chatRoutes from './routes/chat.js';
import tripsRoutes from './routes/trips.js';
import { createOptionalAuth } from './lib/auth.js';

const app = express();

app.use(helmet({ contentSecurityPolicy: false }));
app.use(cors({ origin: env.appUrl, credentials: true }));
app.use(express.json({ limit: '2mb' }));
app.use(cookieParser());

app.use((req, _res, next) => {
  if (req.url !== '/health') logger.info({ method: req.method, url: req.url }, 'request');
  next();
});

app.get('/health', (_req, res) => {
  res.json({ status: 'ok', service: 'tesla-roadtrip', time: new Date().toISOString() });
});

const auth = createOptionalAuth();
if (auth) {
  app.use(auth.middleware());
  app.use(auth.routes());
  logger.info('Auth middleware mounted (AUTH_SECRET present)');
} else {
  logger.info('Auth disabled — set AUTH_SECRET to enable user accounts');
}

app.use('/api', chatRoutes);
app.use('/api/trips', tripsRoutes);

app.use((err: Error, _req: express.Request, res: express.Response, _next: express.NextFunction) => {
  logger.error({ err }, 'Unhandled error');
  res.status(500).json({ error: 'Internal server error' });
});

app.listen(env.port, () => {
  logger.info(`Tesla Roadtrip server running on port ${env.port}`);
});