"use server";
import { LOG_TYPE, prisma } from "@repo/db";
import { getServerSession } from "api/auth/[...nextauth]/auth";
import { randomUUID } from "crypto";
import { cookies, headers } from "next/headers";
import { sendReportEmbed } from "../../../../helper/discord";

export async function getOrSetDeviceId() {
	const store = await cookies();
	let deviceId = store.get("device_id")?.value;

	if (!deviceId) {
		deviceId = randomUUID();
		store.set("device_id", deviceId, {
			httpOnly: true,
			secure: true,
			sameSite: "lax",
			path: "/",
			maxAge: 60 * 60 * 24 * 365, // 1 Jahr
		});
	}

	return deviceId;
}

export const logAction = async (
	type: LOG_TYPE,
	otherValues?: {
		field: string;
		oldValue: string;
		newValue: string;
	},
) => {
	const headersList = await headers();
	const user = await getServerSession();

	const ip =
		headersList.get("X-Forwarded-For") ||
		headersList.get("Forwarded") ||
		headersList.get("X-Real-IP");

	const deviceId = await getOrSetDeviceId();
	if (type == "LOGIN") {
		const existingLogs = await prisma.log.findMany({
			where: {
				type: "LOGIN",
				userId: {
					not: user?.user.id,
				},
				OR: [
					{
						ip: ip,
					},
					{
						deviceId: deviceId,
					},
				],
			},
		});
		if (existingLogs.length > 0 && user?.user.id) {
			// Möglicherweise ein doppelter Account, Report erstellen
			const report = await prisma.report.create({
				data: {
					text: `Möglicher doppelter Account erkannt bei Login-Versuch.\n\nÜbereinstimmende Logs:\n${existingLogs
						.map((log) => `- Log ID: ${log.id}, IP: ${log.ip}, Zeitstempel: ${log.timestamp}`)
						.join("\n")}`,
					reportedUserId: user?.user.id,
					reportedUserRole: "LOGIN - Doppelter Account Verdacht",
				},
			});

			await sendReportEmbed(report.id);
		}
	}

	await prisma.log.create({
		data: {
			type,
			browser: headersList.get("user-agent") || "unknown",
			userId: user?.user.id,
			deviceId: deviceId,
			ip,
			...otherValues,
		},
	});
};