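import fetchHelper from './fetchHelper'
import getTokenHelper from './getTokenHelper'
import { shouldLogoutOnError, classifyAuthError } from './authErrorHelper'

/**
 * Write a cookie on the response unless the response headers have already been sent.
 *
 * NOTE(review): `setCookie` is not imported in this file (presumably provided by the
 * framework's auto-imports - confirm). It is called without cookie options, so the
 * overwrite only replaces the original cookie if that cookie was set with the same
 * path/domain attributes - verify against the code that issues `logship_*` cookies.
 * NOTE(review): a `null` value is cast and passed straight through; whether that removes
 * the cookie or stores a literal value depends on `setCookie` - confirm.
 *
 * @param event - The request event
 * @param name - Cookie name
 * @param value - Value to write (`null` or `''` are used by callers to clear)
 * @returns true if `setCookie` ran, false if headers were already sent
 * @throws Any error from `setCookie` other than `ERR_HTTP_HEADERS_SENT`
 */
function safeClearCookie(event: any, name: string, value: string | null): boolean {
  try {
    // Once headers are out, a Set-Cookie header can no longer reach the client.
    if (event?.node?.res?.headersSent) {
      return false
    }

    setCookie(event, name, value as any)
    return true
  } catch (error: any) {
    // Headers may be flushed between the check above and the write; treat that as "not cleared".
    if (error?.code === 'ERR_HTTP_HEADERS_SENT') {
      return false
    }
    throw error
  }
}

/**
 * Force logout helper - handles logout when authentication truly fails.
 *
 * The error record is classified first so that only true authentication failures
 * (expired/invalid tokens) trigger a logout; authorization failures (forbidden /
 * permission denied) and other errors leave the session untouched.
 *
 * When a logout is triggered, the `logship_it` and `logship_rt` token cookies are
 * cleared whatever the logout endpoint returns, so a falsy or failed response cannot
 * leave token cookies behind while the user cookie is already gone.
 *
 * @param event - The request event
 * @param record - The error record with status and message
 * @returns true if a logout was triggered, false if headers were already sent or the
 *          error does not call for a logout. The result of the individual cookie writes
 *          is not reflected in the return value.
 */
export default async function forceLogoutHelper(event: any, record: any): Promise<boolean> {
  // Cookies cannot be changed once headers are sent, so there is nothing useful to do.
  if (event?.node?.res?.headersSent) {
    return false
  }

  // Classify the error to determine if logout is needed
  const classification = classifyAuthError(record)

  // Log the classification for debugging (development only)
  if (process.env.NODE_ENV === 'development') {
    console.log('[forceLogoutHelper] Error classification:', {
      status: record.status,
      errorType: classification.errorType,
      shouldLogout: classification.shouldLogout,
      reason: classification.reason
    })
  }

  // Only logout if this is a true authentication failure
  if (!classification.shouldLogout) {
    return false
  }

  try {
    // Capture the token before any cookie is touched; it is needed for the logout call.
    const token: string = await getTokenHelper(event)

    // Clear user cookie
    safeClearCookie(event, 'logship_user', null)

    // Ask the backend to end the session. The response is deliberately not used to
    // decide whether local token cookies are dropped (see below).
    await fetchHelper(event, 'auth/logout', 'POST', token, { token })
  } catch (error) {
    // NOTE(review): `error` is logged as-is; if fetchHelper attaches request details
    // (which include the token) to thrown errors they would reach the logs - confirm.
    console.error('[forceLogoutHelper] Logout failed, clearing cookies anyway:', error)
    // getTokenHelper may have thrown before the user cookie was cleared above.
    safeClearCookie(event, 'logship_user', null)
  }

  // Always drop the token cookies: this path only runs for a true authentication
  // failure, so keeping them when the endpoint answers with a falsy result would leave
  // the browser holding tokens for a session the caller is told has been logged out.
  safeClearCookie(event, 'logship_it', '')
  safeClearCookie(event, 'logship_rt', '')

  return true
}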