import { betterAuth } from "better-auth";
// Adapter to use prisma orm
import { mongodbAdapter } from "better-auth/adapters/mongodb";
import { MongoClient } from "mongodb";
import { env } from "./env";

const client = new MongoClient(env.MONGODB_CONNECTION_URI);
const db = client.db(env.MONGODB_DATABASE_NAME);

export const auth = betterAuth({
	// Set your backend URL
	baseURL: "https://hogwarts.novapulse.care",
	
	// Provide the database adapter mongodb here
	database: mongodbAdapter(db),
	
	// Authentication methods
	emailAndPassword: {
		enabled: true,
	},

	// Advanced configuration for cross-domain cookies
	advanced: {
		// Force secure cookies for production
		useSecureCookies: true,
		// Global cookie attributes for cross-domain
		defaultCookieAttributes: {
			sameSite: "none", // Required for cross-domain
			secure: true,     // Required for HTTPS and sameSite: "none"
			httpOnly: true,   // Security: prevent client-side access
			partitioned: true,
		},
		
		// Note: crossSubDomainCookies is not needed since you're using different domains
		// Only use this if you had subdomains like app.novapulse.care, admin.novapulse.care
		crossSubDomainCookies: {
			enabled: true,
			domain: ".novapulse.care",
		},
		

	},

	// Add all your frontend domains to trusted origins
	trustedOrigins: [
		"https://dumbledore.novapulse.care",
		"https://muggle-one.vercel.app",
		"https://novapulse.raisevcfund.com",
		"https://muggle-aswnss-m-aswnssms-projects.vercel.app",
		"http://localhost:3000", // for development
		"http://localhost:3001", // if you have multiple dev ports
		"https://admin-test.novapulse.care"
	],

	// Enable cookie cache to avoid hitting db to get session each time
	session: {
		cookieCache: {
			enabled: true,
			maxAge: 5 * 60, // in seconds (5min)
		},
	},

	// User additional fields
	user: {
		additionalFields: {
			designation: {
				type: "string",
				required: false,
			},
			role: {
				type: "string",
				required: false,
			},
			organizationId: {
				type: "string",
				required: false,
			},
			departmentId: {
				type: "string",
				required: false,
			},
			misspellings: {
				type: "string[]",
				required: false,
			},
		},
	},
});

// Extract the session and user type inorder to use them in our routes
export type AuthType = {
	user: typeof auth.$Infer.Session.user | null;
	session: typeof auth.$Infer.Session.session | null;
};