import NextAuth from 'next-auth';
import { authConfig } from './auth.config';
import Credentials from 'next-auth/providers/credentials';
import { z } from 'zod';
import db from '@/lib/db';
 
export const { handlers, auth, signIn, signOut } = NextAuth({
  ...authConfig,
  providers: [
    Credentials({
      async authorize(credentials) {
        const parsedCredentials = z
          .object({ email: z.string().email(), password: z.string().min(1) })
          .safeParse(credentials);

        if (parsedCredentials.success) {
          const { email, password } = parsedCredentials.data;
          
          try {
            const userStmt = db.prepare('SELECT * FROM users WHERE email = ?');
            const user = userStmt.get(email) as any;

            if (!user) return null;
            
            // WARNING: Storing passwords in plaintext is insecure.
            // This is for demonstration purposes only.
            // In a real application, you MUST hash and salt passwords.
            const passwordsMatch = password === user.password;

            if (passwordsMatch) {
              // The user object returned here will be encoded in the JWT.
              return { id: user.id, name: user.name, email: user.email };
            }

          } catch (e) {
            console.error(e)
            return null
          }
        }

        return null;
      },
    }),
  ]
});

export const runtime = "nodejs";