const express = require("express");
const cookieParser = require("cookie-parser");

const app = express();
app.use(express.json());
app.use(cookieParser());

const PORT = 3000;

// Test-User
const USER = {
  username: "admin",
  password: "test123"
};

// Login
app.post("/api/login", (req, res) => {
  const { username, password } = req.body;

  if (username === USER.username && password === USER.password) {
    res.cookie("session", "valid", {
      httpOnly: true,
      sameSite: "Lax",
      path: "/"
    });
    return res.json({ success: true });
  }

  res.status(401).json({ success: false });
});

// Auth-Check für späteres Nginx auth_request
app.get("/internal/auth", (req, res) => {
  if (req.cookies.session === "valid") {
    return res.sendStatus(200);
  }
  res.sendStatus(401);
});

app.listen(PORT, () => {
  console.log(`Auth service listening on ${PORT}`);
});