const axios = require('axios');

const BASE_URL = 'http://localhost:3001';

// Test data
const testUser = {
    email: 'test@example.com',
    password: 'TestPassword123!'
};

const testUser2 = {
    email: 'test2@example.com',
    password: 'TestPassword456!'
};

let authToken = null;

async function testEndpoint(name, testFn) {
    try {
        console.log(`\n🧪 Testing: ${name}`);
        await testFn();
        console.log(`✅ ${name} - PASSED`);
    } catch (error) {
        console.log(`❌ ${name} - FAILED`);
        if (error.response) {
            console.log(`   Status: ${error.response.status}`);
            console.log(`   Error: ${JSON.stringify(error.response.data, null, 2)}`);
        } else {
            console.log(`   Error: ${error.message}`);
        }
    }
}

async function testRegistration() {
    const response = await axios.post(`${BASE_URL}/api/auth/register`, testUser);
    
    if (response.status !== 201) {
        throw new Error(`Expected status 201, got ${response.status}`);
    }
    
    if (!response.data.user || !response.data.user.email) {
        throw new Error('Response should contain user data');
    }
    
    console.log(`   User registered: ${response.data.user.email}`);
}

async function testLogin() {
    const response = await axios.post(`${BASE_URL}/api/auth/login`, testUser);
    
    if (response.status !== 200) {
        throw new Error(`Expected status 200, got ${response.status}`);
    }
    
    if (!response.data.user) {
        throw new Error('Response should contain user data');
    }
    
    // Extract token from Set-Cookie header
    const cookies = response.headers['set-cookie'];
    if (cookies) {
        const authCookie = cookies.find(cookie => cookie.startsWith('authToken='));
        if (authCookie) {
            authToken = authCookie.split('=')[1].split(';')[0];
            console.log(`   Token received: ${authToken.substring(0, 20)}...`);
        }
    }
    
    console.log(`   User logged in: ${response.data.user.email}`);
}

async function testGetProfile() {
    if (!authToken) {
        throw new Error('No auth token available');
    }
    
    const response = await axios.get(`${BASE_URL}/api/user/profile`, {
        headers: {
            'Cookie': `authToken=${authToken}`
        }
    });
    
    if (response.status !== 200) {
        throw new Error(`Expected status 200, got ${response.status}`);
    }
    
    if (!response.data.user || !response.data.user.email) {
        throw new Error('Response should contain user data');
    }
    
    console.log(`   Profile retrieved: ${response.data.user.email}`);
}

async function testUpdateProfile() {
    if (!authToken) {
        throw new Error('No auth token available');
    }
    
    const updatedEmail = 'updated@example.com';
    const response = await axios.put(`${BASE_URL}/api/user/profile`, 
        { email: updatedEmail },
        {
            headers: {
                'Cookie': `authToken=${authToken}`
            }
        }
    );
    
    if (response.status !== 200) {
        throw new Error(`Expected status 200, got ${response.status}`);
    }
    
    if (response.data.user.email !== updatedEmail) {
        throw new Error(`Expected email to be updated to ${updatedEmail}`);
    }
    
    console.log(`   Profile updated: ${response.data.user.email}`);
}

async function testChangePassword() {
    if (!authToken) {
        throw new Error('No auth token available');
    }
    
    const newPassword = 'NewTestPassword789!';
    const response = await axios.post(`${BASE_URL}/api/user/change-password`, 
        { 
            currentPassword: testUser.password,
            newPassword: newPassword
        },
        {
            headers: {
                'Cookie': `authToken=${authToken}`
            }
        }
    );
    
    if (response.status !== 200) {
        throw new Error(`Expected status 200, got ${response.status}`);
    }
    
    console.log(`   Password changed successfully`);
    
    // Update test user password for future tests
    testUser.password = newPassword;
}

async function testLogout() {
    if (!authToken) {
        throw new Error('No auth token available');
    }
    
    const response = await axios.post(`${BASE_URL}/api/auth/logout`, {}, {
        headers: {
            'Cookie': `authToken=${authToken}`
        }
    });
    
    if (response.status !== 200) {
        throw new Error(`Expected status 200, got ${response.status}`);
    }
    
    console.log(`   User logged out successfully`);
    authToken = null;
}

async function testInvalidLogin() {
    try {
        await axios.post(`${BASE_URL}/api/auth/login`, {
            email: 'invalid@example.com',
            password: 'wrongpassword'
        });
        throw new Error('Should have failed with invalid credentials');
    } catch (error) {
        if (error.response && error.response.status === 401) {
            console.log(`   Invalid login correctly rejected`);
        } else {
            throw error;
        }
    }
}

async function testMissingFields() {
    try {
        await axios.post(`${BASE_URL}/api/auth/register`, {
            email: 'test@example.com'
            // missing password
        });
        throw new Error('Should have failed with missing password');
    } catch (error) {
        if (error.response && error.response.status === 400) {
            console.log(`   Missing fields correctly rejected`);
        } else {
            throw error;
        }
    }
}

async function testUnauthorizedAccess() {
    try {
        await axios.get(`${BASE_URL}/api/user/profile`);
        throw new Error('Should have failed without authentication');
    } catch (error) {
        if (error.response && error.response.status === 401) {
            console.log(`   Unauthorized access correctly rejected`);
        } else {
            throw error;
        }
    }
}

async function runTests() {
    console.log('🚀 Starting API Endpoint Tests');
    console.log('================================');
    
    // Test registration
    await testEndpoint('User Registration', testRegistration);
    
    // Test duplicate registration
    await testEndpoint('Duplicate Registration (should fail)', async () => {
        try {
            await axios.post(`${BASE_URL}/api/auth/register`, testUser);
            throw new Error('Should have failed with duplicate email');
        } catch (error) {
            if (error.response && error.response.status === 400) {
                console.log(`   Duplicate registration correctly rejected`);
            } else {
                throw error;
            }
        }
    });
    
    // Test login
    await testEndpoint('User Login', testLogin);
    
    // Test profile retrieval
    await testEndpoint('Get User Profile', testGetProfile);
    
    // Test profile update
    await testEndpoint('Update User Profile', testUpdateProfile);
    
    // Test password change
    await testEndpoint('Change Password', testChangePassword);
    
    // Test logout
    await testEndpoint('User Logout', testLogout);
    
    // Test error cases
    await testEndpoint('Invalid Login', testInvalidLogin);
    await testEndpoint('Missing Fields', testMissingFields);
    await testEndpoint('Unauthorized Access', testUnauthorizedAccess);
    
    console.log('\n🎉 All tests completed!');
}

// Check if server is running
async function checkServer() {
    try {
        await axios.get(`${BASE_URL}/health`);
        console.log('✅ Server is running');
        return true;
    } catch (error) {
        console.log('❌ Server is not running. Please start the server first with: npm start');
        return false;
    }
}

async function main() {
    const serverRunning = await checkServer();
    if (serverRunning) {
        await runTests();
    }
}

main().catch(console.error);