//libraries
const bcrypt = require('bcryptjs');

const { accounts, recovery } = require('../database/models');

//auth/reset
const route = async (req, res) => {
	//validate the given details
	const validateErr = await validateDetails(req.query, req.body);
	if (validateErr) {
		return res.status(401).send(validateErr);
	}

	//generate the password hash
	const hash = await bcrypt.hash(req.body.password, await bcrypt.genSalt(11));

	//update the account data
	await accounts.update({
		hash: hash
	}, {
		where: {
			email: req.query.email
		}
	})

	//delete from the recovery table
	await recovery.destroy({
		where: {
			email: req.query.email
		}
	});

	res.status(200).end();
	return null;
};

const validateDetails = async (query, body) => {
	//verify the recovery record exists
	const record = await recovery.findOne({
		where: {
			email: query.email,
			token: query.token
		}
	});

	if (!record) {
		return 'Failed to recover a password';
	}

	//validate password
	if (!body.password) {
		return 'Missing password';
	}

	if (body.password.length < 8) {
		return 'Password too short';
	}

	return null;
};

module.exports = route;