const express = require('express');
const bodyParser = require('body-parser');
const cors = require('cors');
const https = require('https');
const fs = require('fs');
require('dotenv').config();
const sequelize = require('./config/database');
const authRouter = require('./routes/auth');
const eventTypesRouter = require('./routes/eventtypes');
const eventPlacesRouter = require('./routes/eventPlaces');
const contactPersonsRouter = require('./routes/contactPerson');
const positionsRouter = require('./routes/positions');
const institutionRouter = require('./routes/institutions');
const eventRouter = require('./routes/event');
const menuDataRouter = require('./routes/menuData');
const worshipRouter = require('./routes/worships');
const pageRouter = require('./routes/pages');
const userRouter = require('./routes/users');
const imageRouter = require('./routes/image');
const filesRouter = require('./routes/files'); 

const app = express();
const PORT = parseInt(process.env.PORT, 10) || 3000;

// CORS mit Whitelist und tolerantem Fallback für fehlende Origin-Header
const allowedOrigins = (process.env.ALLOWED_ORIGINS || '')
  .split(',')
  .map(s => s.trim())
  .filter(Boolean);

app.use(cors({
  origin: (origin, callback) => {
    if (!origin) return callback(null, true); // z.B. Healthchecks/curl/Server-zu-Server
    if (allowedOrigins.length === 0) return callback(null, true); // Fallback: alles erlauben
    if (allowedOrigins.includes(origin)) return callback(null, true);
    return callback(new Error('Not allowed by CORS'), false);
  },
  credentials: true,
  methods: ['GET','POST','PUT','PATCH','DELETE','OPTIONS'],
  allowedHeaders: ['Content-Type','Authorization']
}));
app.options('*', cors());

app.use(bodyParser.json());

app.use('/api/auth', authRouter);
app.use('/api/event-types', eventTypesRouter);
app.use('/api/event-places', eventPlacesRouter);
app.use('/api/contact-persons', contactPersonsRouter);
app.use('/api/positions', positionsRouter);
app.use('/api/institutions', institutionRouter);
app.use('/api/events', eventRouter);
app.use('/api/menu-data', menuDataRouter);
app.use('/api/worships', worshipRouter);
app.use('/api/page-content', pageRouter);
app.use('/api/users', userRouter);
app.use('/api/image', imageRouter);
app.use('/api/files', filesRouter);

const options = {
  key: fs.readFileSync('server.key'),
  cert: fs.readFileSync('server.cert'),
  
};

sequelize.sync().then(() => {
/*  https.createServer(options, app).listen(PORT, () => {
    console.log(`Server läuft auf Port ${PORT}`);
  });*/
  app.listen(PORT, () => {
    console.log(`Server läuft auf Port ${PORT}`);
  });
});