const express = require('express');
const router = express.Router();

const ADMIN_USERNAME = 'admin';
const ADMIN_PASSWORD = 'admin1234';

// Login page
router.get('/login', (req, res) => {
  if (req.session.isAuthenticated) {
    return res.redirect('/admin/dashboard');
  }
  
  res.render('auth/login', {
    title: 'Login',
    layout: false
  });
});

router.post('/login', async (req, res) => {
  const { username, password } = req.body;
  if (username === ADMIN_USERNAME && password === ADMIN_PASSWORD) {
    req.session.user = {
      username: ADMIN_USERNAME,
      email: 'admin@ggcamp.org',
      name: 'Administrator',
      role: 'admin'
    };
    req.session.isAuthenticated = true;
    req.flash('success_msg', 'Login successful');
    res.redirect('/admin/dashboard');
  } else {
    req.flash('error_msg', 'Invalid username or password');
    res.redirect('/auth/login');
  }
});

router.get('/logout', (req, res) => {
  req.session.destroy((err) => {
    if (err) {
      console.error('Error when logout:', err);
    }
    res.redirect('/');
  });
});

module.exports = router;