const { pool } = require('../config/databases');
const bcrypt = require('bcryptjs');

exports.getProfile = (req, res) => {
    res.json({
        message: 'Welcome to your profile!',
        user: req.user,
    });
};

exports.getAdminPage = (req, res) => {
    res.json({
        message: 'Welcome, admin!',
        user: req.user,
    });
};

exports.createUser = async (req, res) => {
  const { username, password, role = 'user' } = req.body;

  if (!username || !password) {
    return res.status(400).json({ message: 'Username and password are required.' });
  }

  try {
    // Check if username already exists
    const [existing] = await pool.query('SELECT * FROM users WHERE username = ?', [username]);

    if (existing.length > 0) {
      return res.status(409).json({ message: 'Username already exists.' });
    }

    // Hash password
    const hashedPassword = await bcrypt.hash(password, 10);

    // Insert user
    const [result] = await pool.query(
      'INSERT INTO users (username, password, role) VALUES (?, ?, ?)',
      [username, hashedPassword, role]
    );

    res.status(201).json({
      message: 'User created successfully',
      user: {
        id: result.insertId,
        username,
        role,
      },
    });
  } catch (err) {
    console.error(err);
    res.status(500).json({ message: 'Server error while creating user.' });
  }
};