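/**
 * Router for the endpoints that carry no authentication middleware of their
 * own in this file: opening a shared note, login, registration and the
 * "push me" URL capture. Each route is guarded only by its own
 * express-rate-limit instance.
 *
 * NOTE(review): express-rate-limit counts requests per client IP by default.
 * If the app sits behind a reverse proxy, the application's `trust proxy`
 * setting must be configured so that `req.ip` is the real client address;
 * otherwise every client shares one bucket, or the limit is bypassable
 * through a spoofed X-Forwarded-For header. That setting lives outside this
 * file, so confirm it there.
 *
 * NOTE(review): request fields are passed to the models unvalidated. With a
 * JSON body parser they can arrive as objects or arrays rather than strings,
 * so the model layer must type-check them before using them in queries.
 * The model code is not visible here; verify it.
 */
const express = require('express');
const router = express.Router();
const rateLimit = require('express-rate-limit');

const Note = require('@models/Note');
const User = require('@models/User');
const Attachment = require('@models/Attachment');

//
// Public Note action
//
const sharedNoteLimiter = rateLimit({
  windowMs: 30 * 60 * 1000, // 30 min window
  max: 50, // start blocking after 50 requests
  message: 'Unable to open that many shared notes',
});

/**
 * POST /opensharednote
 * Body: { noteId, sharedKey }. Responds with whatever Note.getShared resolves to.
 * The key comparison happens inside Note.getShared (not shown here).
 */
router.post('/opensharednote', sharedNoteLimiter, function (req, res, next) {
  Note.getShared(req.body.noteId, req.body.sharedKey)
    .then((results) => res.send(results))
    // Without a rejection handler a model failure left the request hanging
    // and surfaced as an unhandled promise rejection.
    .catch(next);
});

//
// Login User
//
const loginLimiter = rateLimit({
  windowMs: 30 * 60 * 1000, // 30 min window
  max: 25, // start blocking after 25 requests
  message: 'Please try to login again later',
});

/**
 * POST /login
 * Body: { username, password, authToken }. Responds with the value resolved
 * by User.login.
 *
 * NOTE(review): the limiter throttles per client only. Password guessing
 * against one account from many addresses is not slowed by it; any
 * per-account throttling or lockout would have to live in User.login.
 */
router.post('/login', loginLimiter, function (req, res, next) {
  User.login(req.body.username, req.body.password, req.body.authToken)
    .then((returnData) => {
      res.send(returnData);
    })
    .catch(next);
});

//
// Register User
//
const registerLimiter = rateLimit({
  windowMs: 60 * 60 * 1000, // 1 hour window
  max: 5, // start blocking after 5 requests
  message: 'Please try again to create an acount in an hour',
});

/**
 * POST /register
 * Body: { username, password }. Responds with the value resolved by
 * User.register. Password policy and hashing are presumably handled in the
 * model; confirm there.
 */
router.post('/register', registerLimiter, function (req, res, next) {
  User.register(req.body.username, req.body.password)
    .then((returnData) => {
      res.send(returnData);
    })
    .catch(next);
});

//
// Public Pushme Action
//
const pushMeLimiter = rateLimit({
  windowMs: 30 * 60 * 1000, // 30 min window
  max: 50, // start blocking after x requests
  message: 'Error',
});

/**
 * GET /pushmebaby?pushkey=...&url=...
 * Stores the URL through Attachment.pushUrl, then returns a small HTML page.
 *
 * NOTE(review): this is a state-changing GET and the push key travels in the
 * query string, so it ends up in access logs, browser history and possibly
 * Referer headers. The method is left unchanged because existing callers
 * depend on it; treat the push key as a low-value, revocable secret and keep
 * it out of request logging.
 */
router.get('/pushmebaby', pushMeLimiter, function (req, res, next) {
  Attachment.pushUrl(req.query.pushkey, req.query.url)
    .then(() => {
      // Static response body. The CSP below allows inline scripts, so no
      // request-derived value (pushkey, url) may ever be interpolated here.
      const jsCode = `

Posting URL

`;
      res.header('Content-Security-Policy', "script-src 'unsafe-inline'");
      res.set('Content-Type', 'text/html');
      res.send(Buffer.from(jsCode));
    })
    .catch(next);
});

module.exports = router;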