const router = require('express').Router();
const { createClient } = require('@supabase/supabase-js');
const { getSupabaseUrl, getSupabaseKey } = require('./get-constants');


(async () => {
  const supabaseUrl = await getSupabaseUrl();
  const supabaseAnonKey = await getSupabaseKey();
  supabase = createClient(supabaseUrl, supabaseAnonKey); // supabase — глобальная переменная
})();

// POST /sign-in
router.post('/sign-in', async (req, res) => {
  const { email, password } = req.body;
  const { data, error } = await supabase.auth.signInWithPassword({ email, password });
  if (error) return res.status(400).json({ error: error.message });
  res.json(data);
});

// POST /sign-up
router.post('/sign-up', async (req, res) => {
  const { email, password } = req.body;
  const { data, error } = await supabase.auth.signUp({ email, password });
  if (error) return res.status(400).json({ error: error.message });
  res.json(data);
});

// POST /sign-out
router.post('/sign-out', async (req, res) => {
  const { access_token } = req.body;
  supabase.auth.setSession({ access_token, refresh_token: '' });
  const { error } = await supabase.auth.signOut();
  if (error) return res.status(400).json({ error: error.message });
  res.json({ success: true });
});

// POST /reset-password
router.post('/reset-password', async (req, res) => {
  const { email } = req.body;
  const { data, error } = await supabase.auth.resetPasswordForEmail(email);
  if (error) return res.status(400).json({ error: error.message });
  res.json(data);
});

// POST /update-password
router.post('/update-password', async (req, res) => {
  const { access_token, newPassword } = req.body;
  supabase.auth.setSession({ access_token, refresh_token: '' });
  const { data, error } = await supabase.auth.updateUser({ password: newPassword });
  if (error) return res.status(400).json({ error: error.message });
  res.json(data);
});

module.exports = router;