import "dotenv/config";
import express from "express";
import helmet from "helmet";
import cors from "cors";
import morgan from "morgan";
import { env } from "./config/env";
import { generalLimiter } from "./config/rateLimits";
import { errorHandler, notFoundHandler } from "./middlewares/errorHandler";
import { logger } from "./shared/utils/logger";
import productsRouter from "./modules/products/products.routes";
import swaggerUi from "swagger-ui-express";
import { openApiDocument } from "./config/openapi";

const app = express();

app.use(helmet());

const allowedOrigins = env.CORS_ORIGINS.split(",").map((o) => o.trim());
app.use(
  cors({
    origin: (origin, callback) => {
      if (!origin || allowedOrigins.includes(origin)) callback(null, true);
      else callback(new Error(`CORS: origen no permitido: ${origin}`));
    },
    methods: ["GET", "OPTIONS"],
    allowedHeaders: ["Content-Type", "Authorization", "X-API-Key"],
    credentials: true,
  }),
);

app.use(generalLimiter);
app.use(express.json({ limit: "1mb" }));
app.use(express.urlencoded({ extended: true }));
app.use(
  morgan(env.NODE_ENV === "production" ? "combined" : "dev", {
    stream: { write: (msg) => logger.http(msg.trim()) },
  }),
);

app.get("/health", (_req, res) => {
  res.json({
    status: "ok",
    version: env.API_VERSION,
    timestamp: new Date().toISOString(),
  });
});

app.use('/docs', swaggerUi.serve, swaggerUi.setup(openApiDocument));

const API_PREFIX = `/api/${env.API_VERSION}`;
app.use(`${API_PREFIX}/products`, productsRouter);

app.use(notFoundHandler);
app.use(errorHandler);

export default app;