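'use strict';

const express = require('express');
const cors = require('cors');
const session = require('express-session');
const MySQLStore = require('express-mysql-session')(session);
const path = require('path');
require('dotenv').config();

// Routers
const authRoutes = require('./routes/auth');
const studentRoutes = require('./routes/student');
const teacherRoutes = require('./routes/teacher');
const adminRoutes = require('./routes/admin');

// Database module: exposes `pool` (used by the session store) and `testConnection()`.
const db = require('./config/database');

const app = express();
const PORT = process.env.PORT || 3000;
const IS_PRODUCTION = process.env.NODE_ENV === 'production';

// Session lifetime in milliseconds (1 day). Shared by the store and the cookie so both expire together.
const ONE_DAY_MS = 86400000;

// Frontend layout: `public/` is served as-is, `views/` holds the HTML pages served per route.
const PUBLIC_DIR = path.join(__dirname, '../frontend/public');
const VIEWS_DIR = path.join(__dirname, '../frontend/views');

// The session secret signs the session cookie; a predictable value lets anyone forge a
// logged-in session. Refuse to start in production without one, but keep the development
// fallback so local setups without a .env still run (with a loud warning).
const SESSION_SECRET = process.env.SESSION_SECRET;
if (!SESSION_SECRET && IS_PRODUCTION) {
  throw new Error('SESSION_SECRET must be set when NODE_ENV=production');
}
if (!SESSION_SECRET) {
  console.warn('SESSION_SECRET is not set; falling back to an insecure development default');
}

// Middleware
app.use(cors({
  // Browser origin allowed to make credentialed requests. CORS_ORIGIN is an optional
  // override (constructed here) for non-local deployments; the default matches the original.
  origin: process.env.CORS_ORIGIN || 'http://localhost:3000',
  credentials: true,
}));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

// Session configuration: sessions are persisted in MySQL via the shared pool.
const sessionStore = new MySQLStore({
  expiration: ONE_DAY_MS,
  createDatabaseTable: true,
  schema: {
    tableName: 'sessions',
    columnNames: {
      session_id: 'session_id',
      expires: 'expires',
      data: 'data',
    },
  },
}, db.pool);

app.use(session({
  key: 'session_cookie',
  secret: SESSION_SECRET || 'your-secret-key',
  store: sessionStore,
  resave: false,
  saveUninitialized: false,
  cookie: {
    maxAge: ONE_DAY_MS,
    httpOnly: true,
    // NOTE(review): with secure=true behind a TLS-terminating proxy, express-session also needs
    // `app.set('trust proxy', 1)` or the cookie is never set — confirm against the deployment.
    secure: IS_PRODUCTION,
    // The frontend is served from the same site, so Lax costs nothing and blocks cross-site
    // form posts from riding on the session cookie.
    sameSite: 'lax',
  },
}));

// Static files - only the public directory is exposed.
app.use('/public', express.static(PUBLIC_DIR));

/**
 * Page middleware: redirects browsers without a logged-in session to the login page.
 */
const requirePageAuth = (req, res, next) => {
  if (!req.session.user) {
    return res.redirect('/login');
  }
  next();
};

/**
 * Page middleware factory: requires a logged-in user whose role is one of `allowedRoles`.
 * Unauthenticated requests are redirected to login; wrong-role requests get a 403 page.
 * @param {string[]} allowedRoles - roles permitted to reach the route
 */
const requirePageRole = (allowedRoles) => (req, res, next) => {
  if (!req.session.user) return res.redirect('/login');
  if (!allowedRoles.includes(req.session.user.role)) {
    // NOTE(review): the listing shows this response with its markup stripped; the original is
    // presumably a short HTML page. Keep it a fixed literal — res.send() of a string is served
    // as text/html, so request data must never be interpolated here.
    return res.status(403).send('\n\n403 Forbidden - 权限不足\n\n返回首页');
  }
  next();
};

// Handler factory: serves one HTML view from VIEWS_DIR. `relPath` is a fixed, code-supplied
// path — never derived from the request.
const sendView = (relPath) => (req, res) => res.sendFile(path.join(VIEWS_DIR, relPath));

// Page routes
app.get('/', (req, res) => res.redirect('/login'));
app.get('/login', (req, res) => {
  if (req.session.user) return res.redirect('/dashboard');
  sendView('auth/login.html')(req, res);
});
app.get('/register', sendView('auth/register.html'));

// Post-login landing page, chosen by the session's role; unknown roles go back to login.
app.get('/dashboard', requirePageAuth, (req, res) => {
  const role = req.session.user?.role;
  switch (role) {
    case 'student':
      res.redirect('/student/dashboard');
      break;
    case 'teacher':
      res.redirect('/teacher/dashboard');
      break;
    case 'admin':
      res.redirect('/admin/dashboard');
      break;
    default:
      res.redirect('/login');
  }
});

// Student pages
app.get('/student/dashboard', requirePageAuth, requirePageRole(['student']), sendView('student/dashboard.html'));

// Teacher pages - every route on this router is behind auth + role checks.
const teacherRouter = express.Router();
teacherRouter.use(requirePageAuth, requirePageRole(['teacher']));
teacherRouter.get('/dashboard', sendView('teacher/dashboard.html'));
teacherRouter.get('/grade_entry', sendView('teacher/grade_entry.html'));
teacherRouter.get('/grade_management', sendView('teacher/grade_management.html'));
app.use('/teacher', teacherRouter);

// Admin pages - same pattern as the teacher router.
const adminRouter = express.Router();
adminRouter.use(requirePageAuth, requirePageRole(['admin']));
adminRouter.get('/dashboard', sendView('admin/dashboard.html'));
adminRouter.get('/student_management', sendView('admin/student_management.html'));
adminRouter.get('/user_management', sendView('admin/user_management.html'));
app.use('/admin', adminRouter);

// API routes
app.use('/api/auth', authRoutes);
app.use('/api/student', studentRoutes);
app.use('/api/teacher', teacherRoutes);
app.use('/api/admin', adminRoutes);

// 404 handler
app.use((req, res) => {
  res.status(404).json({ error: 'Not found' });
});

// Error handler. Express recognises error middleware by its 4-parameter signature,
// so `next` must stay even though it is unused. The stack is logged server-side only;
// the client gets a generic message.
// eslint-disable-next-line no-unused-vars
app.use((err, req, res, next) => {
  console.error(err.stack);
  res.status(500).json({ error: 'Internal server error' });
});

app.listen(PORT, async () => {
  console.log(`Server running on port ${PORT}`);
  console.log(`访问地址: http://localhost:${PORT}`);
  // Startup database probe. The original re-required './config/database' here; `db` is the
  // same cached module instance, so it is reused. A rejection inside an async listen callback
  // surfaces only as an unhandled rejection, so report it explicitly and fail fast instead.
  try {
    await db.testConnection();
  } catch (err) {
    console.error('Database connection test failed:', err);
    process.exit(1);
  }
});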