import NextAuth from "next-auth"
import Credentials from "next-auth/providers/credentials"

export const { handlers, auth, signIn, signOut } = NextAuth({
  session: { strategy: "jwt" },
  pages: { signIn: "/login" },
  providers: [
    Credentials({
      credentials: {
        email: { label: "Email", type: "email" },
        password: { label: "Password", type: "password" },
      },
      authorize: async (credentials) => {
        const email = String(credentials?.email ?? "").trim().toLowerCase()
        const password = String(credentials?.password ?? "")
        if (!email || !password) return null

        const [{ eq }, { db }, { users }] = await Promise.all([
          import("drizzle-orm"),
          import("@/shared/db"),
          import("@/shared/db/schema"),
        ])

        const user = await db.query.users.findFirst({
          where: eq(users.email, email),
        })
        if (!user) return null

        const storedPassword = user.password ?? null
        if (storedPassword) {
          if (storedPassword !== password) return null
        } else if (process.env.NODE_ENV === "production") {
          return null
        }

        return {
          id: user.id,
          name: user.name ?? undefined,
          email: user.email,
          role: (user.role ?? "student") as string,
        }
      },
    }),
  ],
  callbacks: {
    jwt: async ({ token, user }) => {
      if (user) {
        token.id = (user as { id: string }).id
        token.role = (user as { role?: string }).role ?? "student"
      }
      return token
    },
    session: async ({ session, token }) => {
      if (session.user) {
        session.user.id = String(token.id ?? "")
        session.user.role = String(token.role ?? "student")
      }
      return session
    },
  },
})