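/**
 * Application entry point: builds the Express app, registers the middleware
 * chain in the order requests pass through it, mounts the public and account
 * routes, installs the 404/500 handlers and starts listening.
 *
 * Middleware order is significant: body/cookie parsing and the session must be
 * registered before passport, and the 404/500 handlers must stay last.
 */
import express from 'express'
import path from 'path'
import passport from 'passport'
import morgan from 'morgan'
import cookieParser from 'cookie-parser'
import bodyParser from 'body-parser'
import session from 'express-session'
import flash from 'express-flash-2'
import fileUpload from 'express-fileupload'
import helmet from 'helmet'
import compression from 'compression'
import methodOverride from 'method-override'

// NODE_ENV selects the config section. When it is unset the app runs with the
// 'development' settings, so production deployments must set it explicitly.
const env = process.env.NODE_ENV || 'development'
const config = require('./config/config')[env]
// Prefix of the view directory used for every rendered page.
const lang = 'DE'

const app = express()
app.set('port', config.app.port)
app.set('views', path.join(__dirname, 'views'))
app.set('view engine', 'pug')

// enable files upload
// NOTE(review): this parser is global, so every route accepts multipart
// bodies. With these options a file larger than the limit is truncated rather
// than rejected; handlers should check the file's `truncated` flag, or
// `abortOnLimit: true` can be set to answer 413 instead.
// `createParentPath` creates missing directories when a file is moved, so the
// destination path must never be built from client-supplied names (the upload
// handlers are not visible here - confirm).
app.use(fileUpload({
  createParentPath: true,
  limits: {
    fileSize: 1000000 // 1 MB max. file size
  }
}))

// Lets a POST carrying `?_method=PUT|DELETE` reach the corresponding route.
// NOTE(review): no CSRF middleware is registered in this file; confirm the
// state-changing routes are protected elsewhere.
app.use(methodOverride('_method'))

// NOTE(review): `reportOnly: true` sends Content-Security-Policy-Report-Only,
// so the policy below is evaluated but NOT enforced. No `report-uri` or
// `report-to` directive is configured either, so violations are only visible
// in the browser console. Switch to enforcing mode once the allow-lists have
// been validated.
// Only the CSP middleware is used; helmet's other headers (frame options,
// nosniff, HSTS, ...) are not set by this file.
app.use(
  helmet.contentSecurityPolicy({
    useDefaults: true,
    directives: {
      'font-src': ["'self'", 'https://use.fontawesome.com'],
      'img-src': ["'self'", 'https://transfer.hft-stuttgart.de'],
      'script-src': [
        "'self'",
        'https://code.jquery.com/jquery-3.3.1.min.js',
        'https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js',
        'https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js',
        'https://unpkg.com/bootstrap-show-password@1.2.1/dist/bootstrap-show-password.min.js'
      ],
      'style-src': ["'self'", 'https://use.fontawesome.com/releases/v5.8.2/css/all.css'],
      'frame-src': ["'self'"]
    },
    reportOnly: true
  })
)

app.use(compression())
app.use(morgan('combined'))
app.use(cookieParser(config.app.sessionSecret))
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(express.static(path.join(__dirname, 'public')))

// NOTE(review): session hardening to consider before production use:
//  - no `store` is given, so sessions live in the default in-memory store;
//  - no `cookie` options are given, so the cookie is not marked `secure` and
//    carries no `sameSite` attribute (setting either depends on the TLS/proxy
//    setup and on the login flow in routes/account - confirm before changing);
//  - `saveUninitialized: true` creates a session for every visitor, including
//    unauthenticated ones.
app.use(session({
  resave: true,
  saveUninitialized: true,
  secret: config.app.sessionSecret
}))
app.use(flash())
app.use(passport.initialize())
app.use(passport.session())

// caching disabled for every route
// NOTE: Works in Firefox and Opera. Does not work in Edge
app.use(function (req, res, next) {
  res.set('Cache-Control', 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0')
  next()
})

require('./routes/public')(app, config, lang)
require('./routes/account')(app, config, passport, lang)

// Handle 404
app.use(function (req: any, res: any) {
  res.status(404).render(lang + '/404')
})

// Handle 500 - any server error
// Express identifies an error handler by its four-parameter signature, so
// `next` has to stay in the parameter list.
app.use(function (err: any, req: any, res: any, next: any) {
  console.error(err.stack)
  // Once the response has started the status and body can no longer be
  // replaced; hand over to Express' default handler, which closes the
  // connection.
  if (res.headersSent) {
    return next(err)
  }
  // The full error object (message, stack) is passed to the template only in
  // development; elsewhere the view gets an empty object so internal details
  // are not disclosed to clients.
  res.status(500).render(lang + '/500', { error: env === 'development' ? err : {} })
})

app.listen(app.get('port'), function () {
  console.log('Express server listening on port ' + app.get('port'))
})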