/**
 * API Server constants
 */

/** Default port for the API server */
export const DEFAULT_PORT = 9861;

/** Default Relying Party name for WebAuthn */
export const DEFAULT_RP_NAME = "Reviq Publisher Dashboard";

/** WebAuthn challenge expiry in milliseconds (5 minutes) */
export const WEBAUTHN_CHALLENGE_EXPIRY_MS = 5 * 60 * 1000;

/**
 * Get allowed WebAuthn origins from environment or defaults
 */
export const getAllowedOrigins = (): string[] => {
  const envOrigins = Bun.env.ALLOWED_WEBAUTHN_ORIGINS;
  if (envOrigins) {
    return envOrigins.split(",").map((o) => o.trim());
  }

  // Default to localhost origins for development
  return [
    `http://localhost:${DEFAULT_PORT.toString()}`,
    "http://localhost:6827",
    "http://localhost:6828",
  ];
};

// ===== Email Configuration =====

/** Email sender address */
export const EMAIL_FROM = Bun.env.EMAIL_FROM ?? "noreply@reviq.io";

/** Base URL for generating email links */
export const BASE_URL = Bun.env.BASE_URL ?? "http://localhost:6827";

/** Dev mode: log emails instead of sending (default: true) */
export const EMAIL_DEV_MODE = Bun.env.EMAIL_DEV_MODE !== "false";

/** Postmark API key (required when EMAIL_DEV_MODE is false) */
export const POSTMARK_API_KEY = Bun.env.POSTMARK_API_KEY;

// ===== Token Expiration Times =====

/** Email verification token expiry in hours */
export const EMAIL_VERIFICATION_EXPIRY_HOURS = 24;

/** Password reset token expiry in hours */
export const PASSWORD_RESET_EXPIRY_HOURS = 1;

/** Login confirmation token expiry in minutes */
export const LOGIN_CONFIRMATION_EXPIRY_MINUTES = 15;

/** Org invite token expiry in days */
export const ORG_INVITE_EXPIRY_DAYS = 7;