import { NestFactory } from '@nestjs/core';
import { ValidationPipe, Logger } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
import type { NextFunction, Request, Response } from 'express';
import helmet from 'helmet';
import { AppModule } from './app.module';
import { HttpExceptionFilter } from './common/filters/http-exception.filter';

async function bootstrap() {
  const logger = new Logger('Bootstrap');
  const app = await NestFactory.create(AppModule, { cors: false, rawBody: true });
  const config = app.get(ConfigService);

  const prefix = config.get<string>('API_PREFIX', 'api/v1');
  app.setGlobalPrefix(prefix);

  app.use(helmet());
  const configuredOrigins = config.get<string>('CORS_ORIGINS', '*')
    .split(',')
    .map((origin) => origin.trim())
    .filter(Boolean);
  const localOrigins = configuredOrigins.flatMap((origin) =>
    origin.includes('localhost') ? [origin.replace('localhost', '127.0.0.1')] : [],
  );
  const hasLocalOrigin = configuredOrigins.some(
    (origin) => origin.includes('localhost') || origin.includes('127.0.0.1'),
  );
  const localDevOrigins = hasLocalOrigin
    ? [
        'http://localhost:4321',
        'http://127.0.0.1:4321',
        'http://localhost:5173',
        'http://127.0.0.1:5173',
        'http://localhost:5174',
        'http://127.0.0.1:5174',
      ]
    : [];
  app.enableCors({
    origin: configuredOrigins.includes('*') ? '*' : [...new Set([...configuredOrigins, ...localOrigins, ...localDevOrigins])],
    credentials: true,
  });

  const tigerProtectCookieValue = config.get<string>('O2S_TIGER_PROTECT_COOKIE_VALUE');
  if (tigerProtectCookieValue) {
    app.use((_req: Request, res: Response, next: NextFunction) => {
      res.cookie('o2s-chl', tigerProtectCookieValue, {
        domain: config.get<string>('O2S_TIGER_PROTECT_COOKIE_DOMAIN', '.api.syndiclub.com'),
        httpOnly: true,
        maxAge: 24 * 60 * 60 * 1000,
        path: '/',
        sameSite: 'lax',
        secure: true,
      });
      next();
    });
  }

  app.useGlobalPipes(
    new ValidationPipe({
      whitelist: true,
      transform: true,
      forbidNonWhitelisted: true,
      transformOptions: { enableImplicitConversion: true },
    }),
  );
  app.useGlobalFilters(new HttpExceptionFilter());

  // Swagger / OpenAPI
  const swaggerConfig = new DocumentBuilder()
    .setTitle('SyndiClub API')
    .setDescription('PropTech SaaS — Gestion de syndicats de copropriété')
    .setVersion('0.1.0')
    .addBearerAuth()
    .build();
  const document = SwaggerModule.createDocument(app, swaggerConfig);
  SwaggerModule.setup(`${prefix}/docs`, app, document);

  const port = config.get<number>('PORT', 3000);
  await app.listen(port);
  logger.log(`🚀 SyndiClub API running on http://localhost:${port}/${prefix}`);
  logger.log(`📚 Swagger docs at http://localhost:${port}/${prefix}/docs`);
}
bootstrap();