'use strict'

const Joi = require('joi')

const pluginConfig = {
    handlerType: 'authentication',
    docs: {
        get: {
            description: 'gets session token for authentication',
            notes: 'Gets session token for authentication',
        },
    },
}

module.exports = {
    method: 'POST',
    path: '/getaccess',
    options: {
        ...pluginConfig.docs.get,
        tags: ['api'],
        auth: false,
        cors: {
            headers: ['Authorization', 'Content-Type'],
            exposedHeaders: ['Authorization', 'Access-Control-Expose-Headers'],
        },
        handler: async function (request, h) {
            const { userService } = request.server.services()
            const res = request.payload
            // NOTE: Access Token set for 5 minutes expiration (default)
            const accessToken = await userService.createToken(res, 600)
            try {
                const response = h.response({
                    ok: true,
                    handler: pluginConfig.handlerType,
                    data: accessToken,
                })
                response.header('Authorization', accessToken)
                return response
            } catch (err) {
                return {
                    ok: false,
                    handler: pluginConfig.handlerType,
                    data: {
                        error: err,
                    },
                }
            }
        },
        validate: {
            failAction: 'log',
        },
        response: {
            // TODO: change back to accommodate new h.response return values
            schema: Joi.any().label('get_session_res'),
            failAction: 'log',
        },
    },
}