/**
 * Resend email verification to authenticated user
 * Requires authentication
 *
 * Flow:
 * 1. Check if email is already verified (return early if so)
 * 2. Delete any existing verification tokens for this user
 * 3. Generate new secure base58 token
 * 4. Create new email_verifications record with 24 hour expiry
 * 5. Send verification email (stubbed)
 */

import { sendVerificationEmail } from "@reviq/emails";
import { TOKEN_DURATIONS } from "../../utils/cookies.js";
import {
  generateExpiry,
  generateSecureBase58Token,
} from "../../utils/crypto.js";
import { authedProcedure } from "../base.js";

export const resendVerificationEmail =
  authedProcedure.auth.resendVerificationEmail.handler(async ({ context }) => {
    // Check if email is already verified
    if (context.user.emailVerifiedAt !== null) {
      // Email already verified, return early
      return { success: true };
    }

    // Delete any existing verification tokens for this user
    await context.db
      .deleteFrom("email_verifications")
      .where("user_id", "=", context.user.id)
      .execute();

    // Generate new secure base58 token
    const token = generateSecureBase58Token();
    const expiresAt = generateExpiry(TOKEN_DURATIONS.EMAIL_VERIFICATION);

    // Create new verification record
    await context.db
      .insertInto("email_verifications")
      .values({
        user_id: context.user.id,
        token,
        expires_at: expiresAt,
      })
      .execute();

    // Send verification email
    await sendVerificationEmail({
      client: context.email.client,
      fromAddress: context.email.fromAddress,
      baseUrl: context.email.baseUrl,
      email: context.user.email,
      token,
      expiryHours: 24,
    });

    return { success: true };
  });