import { z } from 'zod'
import { getUserByUsername, getUserByEmail, createUser, hashPassword, validatePassword } from '../../modules/auth/user'

const registerSchema = z.object({
  username: z.string().min(2, '用户名至少2个字符').max(20, '用户名最多20个字符'),
  password: z.string(),
  email: z.string().email('请输入有效的邮箱').optional().or(z.literal('')),
  realName: z.string().optional()
})

export default defineEventHandler(async (event) => {
  const body = await readBody(event)
  
  const result = registerSchema.safeParse(body)
  if (!result.success) {
    throw createError({
      statusCode: 400,
      message: result.error.errors[0].message
    })
  }

  const { username, password, email, realName } = result.data

  const passwordValidation = validatePassword(password)
  if (!passwordValidation.valid) {
    throw createError({
      statusCode: 400,
      message: passwordValidation.message!
    })
  }

  const existingUser = getUserByUsername(username)
  if (existingUser) {
    throw createError({
      statusCode: 409,
      message: '用户名已存在'
    })
  }

  if (email) {
    const existingEmail = getUserByEmail(email)
    if (existingEmail) {
      throw createError({
        statusCode: 409,
        message: '邮箱已被注册'
      })
    }
  }

  const passwordHash = hashPassword(password)
  const user = await createUser(username, passwordHash, email, realName)

  return {
    success: true,
    data: {
      id: user.id,
      username: user.username,
      email: user.email,
      realName: user.real_name,
      role: user.role_name,
      createdAt: user.created_at
    },
    message: '注册成功'
  }
})