import { registerUser } from "#server/service/auth";
import { z } from "zod";

const registerSchema = z.object({
  username: z.string().min(3).max(20),
  password: z.string().min(8).max(128),
  captchaToken: z.string().min(1),
  captchaCode: z.string().min(1),
});

export default defineWrappedResponseHandler({ auth: 'public' }, async (event) => {
  const body = await readBody(event);
  const parsed = registerSchema.safeParse(body);

  if (!parsed.success) {
    return R.error("参数校验失败", parsed.error.issues);
  }

  const { username, password, captchaToken, captchaCode } = parsed.data;
  const result = await registerUser(username, password, captchaToken, captchaCode);

  if (!result.success) {
    return R.error(result.message!, null);
  }

  // Set token as httpOnly cookie
  setCookie(event, "token", result.token!, {
    httpOnly: true,
    secure: process.env.NODE_ENV === "production",
    sameSite: "lax",
    maxAge: 60 * 60 * 24 * 7, // 7 days
    path: "/",
  });

  return R.success({ user: result.user });
});