import fs from "fs";
import path from "path";
import crypto from "crypto";
import express from "express";
import multer from "multer";
import 'dotenv/config'

const {
  FILE_LOCATION,
  ID_LENGTH = 12,
  TOKEN_FILE,
  PORT = 3000
} = process.env;

if (!FILE_LOCATION || !TOKEN_FILE) {
  throw new Error("Missing FILE_LOCATION or TOKEN_FILE");
}

const TOKENS = new Set(
  fs.readFileSync(TOKEN_FILE, "utf8")
    .split("\n")
    .map(t => t.trim())
    .filter(Boolean)
);

function randomId(len) {
  const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  let out = "";
  for (let i = 0; i < len; i++) {
    out += chars[Math.floor(Math.random() * chars.length)];
  }
  return out;
}

function auth(req, res, next) {
  const header = req.headers.authorization;
  if (!header || !header.startsWith("Bearer ")) {
    return res.status(401).json({ error: "Missing auth" });
  }

  const token = header.slice(7);
  if (!TOKENS.has(token)) {
    return res.status(403).json({ error: "Invalid token" });
  }

  next();
}

const upload = multer({
  storage: multer.diskStorage({
    destination: FILE_LOCATION,
    filename: (req, file, cb) => {
      const id = randomId(Number(ID_LENGTH));
      const ext = path.extname(file.originalname);
      cb(null, id + ext);
    }
  }),
  limits: {
    fileSize: 25 * 1024 * 1024 
  }
});

const app = express();

app.post("/upload", auth, upload.single("file"), (req, res) => {
  if (!req.file) {
    return res.status(400).json({ error: "No file" });
  }

  res.json({
    id: path.parse(req.file.filename).name,
    filename: req.file.filename,
    url: `/${req.file.filename}`
  });
});

app.get("/:name", (req, res) => {
  const filePath = path.join(FILE_LOCATION, req.params.name);

  if (!filePath.startsWith(FILE_LOCATION)) {
    return res.status(400).end();
  }

  fs.access(filePath, fs.constants.R_OK, err => {
    if (err) return res.status(404).end();
    res.sendFile(filePath);
  });
});

app.listen(PORT, "0.0.0.0", () => {
  console.log(`Listening on :${PORT}`);
});