FEDEO/src/routes/tenant.ts

import { FastifyInstance } from "fastify";
import jwt from "jsonwebtoken";
import {secrets} from "../utils/secrets";

export default async function routes(server: FastifyInstance) {
    server.get("/tenant", async (req) => {
        if(req.tenant) {
            return {
                message: `Hallo vom Tenant ${req.tenant?.name}`,
                tenant_id: req.tenant?.id,
            };
        } else {
            return {
                message: `Server ist in MultiTenant Mode. Sie bekommen alles für Sie verfügbare`,
            };
        }



    });

    server.post("/tenant/switch", async (req, reply) => {
        if (!req.user) {
            return reply.code(401).send({ error: "Unauthorized" });
        }

        const body = req.body as { tenant_id: string };
        console.log(body);

        // prüfen ob user im Tenant Mitglied ist
        const { data: tenantUser, error } = await server.supabase
            .from("auth_tenant_users")
            .select("*")
            .eq("user_id", req.user.user_id)
            .eq("tenant_id", body.tenant_id)
            .single();

        if (error || !tenantUser) {
            return reply.code(403).send({ error: "Not a member of this tenant" });
        }

        // neues JWT mit tenant_id ausstellen
        const token = jwt.sign(
            {
                user_id: req.user.user_id,
                email: req.user.email,
                tenant_id: body.tenant_id,
            },
            secrets.JWT_SECRET!,
            { expiresIn: "6h" }
        );

        reply.setCookie("token", token, {
            path: "/",
            httpOnly: true,
            sameSite: process.env.NODE_ENV === "production" ? "none" : "lax",
            secure: process.env.NODE_ENV === "production", // lokal: false, prod: true
            maxAge: 60 * 60 * 3, // 3 Stunden
        })

        return { token };
    });

    server.get("/tenant/users", async (req, reply) => {
        const { tenant_id } = req.params as { tenant_id: string };
        const authUser = req.user  // kommt aus JWT (user_id + tenant_id)

        if (!authUser) {
            return reply.code(401).send({ error: "Unauthorized" })
        }

        const { data, error } = await server.supabase
            .from("auth_tenant_users")
            .select(`
        user_id,
        auth_users!tenantusers_user_id_fkey ( id, email, created_at, auth_profiles(*))`)
            .eq("tenant_id", authUser.tenant_id);

        if (error) {
            console.log(error);
            return reply.code(400).send({ error: error.message });
        }

        let correctedData = data.map(i => {


            return {
                id: i.user_id,
                // @ts-ignore
                email: i.auth_users.email,
                // @ts-ignore
                profile: i.auth_users.auth_profiles.find(x => x.tenant_id === authUser.tenant_id),
                // @ts-ignore
                full_name: i.auth_users.auth_profiles.find(x => x.tenant_id === authUser.tenant_id)?.full_name,
            }
        })

        return { tenant_id, users: correctedData };
    });

    server.put("/tenant/numberrange/:numberrange", async (req, reply) => {
        if (!req.user) {
            return reply.code(401).send({ error: "Unauthorized" });
        }
        const { numberrange } = req.params as { numberrange?: string }

        const body = req.body as { numberRange: object };
        console.log(body);

        if(!body.numberRange) {
            return reply.code(400).send({ error: "numberRange required" });
        }

        const {data:currentTenantData,error:numberRangesError} = await server.supabase.from("tenants").select().eq("id", req.user.tenant_id).single()

        console.log(currentTenantData)
        console.log(numberRangesError)


        let numberRanges = {
            // @ts-ignore
            ...currentTenantData.numberRanges
        }

        // @ts-ignore
        numberRanges[numberrange] = body.numberRange


        console.log(numberRanges)

        const {data,error} = await server.supabase
            .from("tenants")
            .update({numberRanges: numberRanges})
            .eq('id',req.user.tenant_id)
            .select()

        if(data && !error) {
            return reply.send(data)
        }
    });

    server.put("/tenant/other/:id", async (req, reply) => {
        if (!req.user) {
            return reply.code(401).send({ error: "Unauthorized" });
        }
        const { id } = req.params as { id?: string }

        const body = req.body as { data: object };
        console.log(body);

        if(!body.data) {
            return reply.code(400).send({ error: "data required" });
        }

        const {data:dataReturn,error} = await server.supabase
            .from("tenants")
            .update(body.data)
            .eq('id',req.user.tenant_id)
            .select()

        if(dataReturn && !error) {
            return reply.send(dataReturn)
        }
    });

}