tremor-tracker/src/app/api/signup/route.ts

import bcryptjs from "bcryptjs";
import { SignJWT } from "jose";
import { NextResponse } from "next/server";

import { PrismaClient } from "@prismaclient";
import { env } from "@utils/env";

import { findUserByEmail, passwordStrengthCheck, readUserCsv, User, writeUserCsv } from "../functions/csvReadWrite";

const usingPrisma = false;
let prisma: PrismaClient;
if (usingPrisma) prisma = new PrismaClient();

export async function POST(req: Request) {
	try {
		const { email, password, name } = await req.json(); // Parse incoming JSON data
		const accessLevel = "basic";

		const userData = await readUserCsv();

		console.log(userData);
		console.log("Name:", name); // ! remove
		console.log("Email:", email); // ! remove
		console.log("Password:", password); // ! remove

		let foundUser;

		if (usingPrisma) {
			foundUser = await prisma.user.findUnique({
				where: {
					email: email, // use the email to uniquely identify the user
				},
			});
		} else {
			foundUser = findUserByEmail(userData, email);
		}

		if (foundUser) {
			return NextResponse.json({ message: "Sorry, this email is already in use" }, { status: 409 });
		}

		const passwordCheckResult = await passwordStrengthCheck(password);

		if (passwordCheckResult === "short") {
			return NextResponse.json({ message: "Your password is shorter than 8 characters" }, { status: 400 });
		} else if (passwordCheckResult === "long") {
			return NextResponse.json({ message: "Your password is longer than 16 characters" }, { status: 400 });
		} else if (passwordCheckResult === "no lower") {
			return NextResponse.json({ message: "Your password must contain a lowercase letters" }, { status: 400 });
		} else if (passwordCheckResult === "no upper") {
			return NextResponse.json({ message: "Your password must contain a uppercase letters" }, { status: 400 });
		} else if (passwordCheckResult === "no digit") {
			return NextResponse.json({ message: "Your password must contain a number" }, { status: 400 });
		} else if (passwordCheckResult === "no special") {
			return NextResponse.json({ message: "Your password must contain a special character (!@#$%^&*)" }, { status: 400 });
		} else if (passwordCheckResult === "end of function") {
			return NextResponse.json({ message: "Password check script failure" }, { status: 500 });
		} else {
			try {
				const passwordHash = await bcryptjs.hash(password, 10);
				let user;
				if (usingPrisma) {
					// todo add sending back user
					user = await prisma.user.create({
						data: {
							name,
							email,
							passwordHash,
						},
					});
				} else {
					user = { name, email, password: passwordHash, accessLevel };
					userData.push(user);
				}
				await writeUserCsv(userData);

				const secret = new TextEncoder().encode(env.JWT_SECRET_KEY);
				const token = await new SignJWT({ userId: user.id })
					.setProtectedHeader({ alg: "HS256" })
					.setExpirationTime("2w")
					.sign(secret);

				const response = NextResponse.json({ message: "Account Created" }, { status: 201 });
				response.cookies.set("jwt", token, {
					httpOnly: true,
					secure: process.env.NODE_ENV === "production",
					sameSite: "strict",
					maxAge: 3600 * 168 * 2, // 2 weeks
					path: "/",
				});
				return response;
			} catch (error) {
				console.error("Error in writting :", error);
				return NextResponse.json({ message: "Internal Server Error" }, { status: 500 });
			}
		}
	} catch (error) {
		console.error("Error in signup endpoint:", error);
		return NextResponse.json({ message: "Internal Server Error" }, { status: 500 });
	}
}