// server
// /app/routes.js
const createDebug = require("debug")
const debug = createDebug("webssh2:routes")
const express = require("express")
const router = express.Router()
const handleConnection = require("./connectionHandler")
const basicAuth = require("basic-auth")
const { sanitizeObject } = require("./utils")

function auth(req, res, next) {
  debug("Authenticating user with HTTP Basic Auth")
  var credentials = basicAuth(req)
  if (!credentials) {
    res.setHeader("WWW-Authenticate", 'Basic realm="WebSSH2"')
    return res.status(401).send("Authentication required.")
  }
  // Store credentials in session
  req.session.sshCredentials = {
    username: credentials.name,
    password: credentials.pass
  }
  next()
}

// Scenario 1: No auth required, uses websocket authentication instead
router.get("/", function (req, res) {
  debug("Accessed / route")
  handleConnection(req, res)
})

// Scenario 2: Auth required, uses HTTP Basic Auth
router.get("/host/:host", auth, function (req, res) {
  debug(`Accessed /ssh/host/${req.params.host} route`)
  const { host } = req.params
  const { port = 22, sshTerm } = req.query
  req.session.sshCredentials = req.session.sshCredentials || {}
  req.session.sshCredentials.host = host
  req.session.sshCredentials.port = parseInt(port, 10)
  if (sshTerm) {
    req.session.sshCredentials.term = sshTerm
  }

  // Sanitize and log the sshCredentials object
  const sanitizedCredentials = sanitizeObject(
    JSON.parse(JSON.stringify(req.session.sshCredentials))
  )
  debug("/ssh/host/ Credentials: ", sanitizedCredentials)

  handleConnection(req, res, { host: req.params.host })
})

// Clear credentials route
router.post("/clear-credentials", function (req, res) {
  req.session.sshCredentials = null
  res.status(200).send("Credentials cleared.")
})

router.post("/force-reconnect", function (req, res) {
  req.session.sshCredentials = null
  res.status(401).send("Authentication required.")
})

module.exports = router