import type { RequestHandler } from '@sveltejs/kit';
import { Report, User } from '$lib/server/database';
import * as crypto from 'crypto';
import { env as public_env } from '$env/dynamic/public';
import { env } from '$env/dynamic/private';

export const POST = (async ({ request, url }) => {
	if (env.REPORT_SECRET && url.searchParams.get('secret') !== env.REPORT_SECRET)
		return new Response(null, { status: 401 });

	const data: { reporter: string; reported: string | null; reason: string } = await request.json();

	if (data.reporter == null || data.reason == null) return new Response(null, { status: 400 });

	const reporter = await User.findOne({ where: { uuid: data.reporter } });
	const reported = data.reported
		? await User.findOne({ where: { uuid: data.reported } })
		: undefined;

	if (reporter == null || reported === null) return new Response(null, { status: 400 });

	const report = await Report.create({
		subject: data.reason,
		body: null,
		draft: true,
		status: 'none',
		url_hash: crypto.randomBytes(18).toString('hex'),
		completed: false,
		reporter_id: reporter.id,
		reported_id: reported?.id || null
	});

	return new Response(
		JSON.stringify({
			url: `${url.protocol}//${url.host}${public_env.PUBLIC_BASE_PATH || ''}/report/${
				report.url_hash
			}`
		}),
		{
			status: 201
		}
	);
}) satisfies RequestHandler;