const DiscordStrategy = require('passport-discord').Strategy;
const db = require('../db');

module.exports = (passport) => {
  passport.use(new DiscordStrategy({
    clientID:     process.env.DISCORD_CLIENT_ID,
    clientSecret: process.env.DISCORD_CLIENT_SECRET,
    callbackURL:  `${process.env.APP_URL}/auth/discord/callback`,
    scope:        ['identify'],
  },
  async (accessToken, refreshToken, profile, done) => {
    try {
      // Admin-Status prüfen
      const rows = await db.query(
        'SELECT discord_id FROM admin_whitelist WHERE discord_id = ?',
        [profile.id]
      );
      const isAdmin = rows.length > 0;

      const user = {
        id:       profile.id,
        username: profile.username,
        avatar:   profile.avatar
          ? `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.png`
          : null,
        isAdmin,
      };
      return done(null, user);
    } catch (err) {
      return done(err, null);
    }
  }));

  passport.serializeUser((user, done) => done(null, user));
  passport.deserializeUser(async (obj, done) => {
    // Admin-Status bei jedem Request neu prüfen (live Whitelist)
    try {
      const rows = await db.query(
        'SELECT discord_id FROM admin_whitelist WHERE discord_id = ?',
        [obj.id]
      );
      obj.isAdmin = rows.length > 0;
      done(null, obj);
    } catch (e) {
      done(null, obj);
    }
  });
};