import { Users } from '$lib/server/users/index.js';
import { fail, redirect, type Actions } from '@sveltejs/kit';

export const actions = {
	default: async ({ request, locals, url }) => {
    // Redirect
		const redirectUrl = url.searchParams.has('redirectTo')
			? (url.searchParams.get('redirectTo') as string)
			: '/';

		// Already logged in
		if (locals.session.data?.user) {
			return redirect(303, redirectUrl);
		}

		const data = await request.formData();
		const email = data.get('email') as string;
		const password = data.get('password') as string;

		if (!email?.trim() || !password?.trim()) {
			return fail(400, { incorrect: true });
		}

		// Find existing active user
		const loginUser = await Users.getByLogin(email);

		// Compare user password
		if (!loginUser || !(await Users.validatePassword(loginUser, password))) {
			return fail(400, { email, incorrect: true });
		}

		// TODO: check two-factor

		// Create session data for user
		const sessionUser = await Users.toSession(loginUser);
		await locals.session.set({ user: sessionUser });

		return redirect(303, redirectUrl);
	}
} as Actions;