import Cookies from 'cookies';
import { NextApiRequest, NextApiResponse } from 'next';
import {
  AUTHORIZE_URL,
  CLIENT_ID,
  COOKIE_KEYS,
  REDIRECT_URL,
} from '../../lib/constants';
import { encrypt, generateString } from '../../lib/utils/crypto';

const inProd = process.env.NODE_ENV === 'production';

export default function handler(req: NextApiRequest, res: NextApiResponse) {
  const stateToken = generateString(16);
  const state = encrypt(
    JSON.stringify({
      redirect_uri: REDIRECT_URL,
      state: stateToken,
    })
  );

  const params = new URLSearchParams({
    client_id: CLIENT_ID,
    response_type: 'code',
    redirect_uri: REDIRECT_URL,
    scope: 'management',
    state,
  });

  const cookies = new Cookies(req, res, { keys: COOKIE_KEYS, secure: inProd });

  cookies.set('validation', stateToken, {
    secure: inProd,
    signed: true,
  });

  res.redirect(`${AUTHORIZE_URL}?${params.toString()}`);
}