Untitled

import * as jose from "jose";
import {
  GOOGLE_CLIENT_ID,
  GOOGLE_CLIENT_SECRET,
  GOOGLE_REDIRECT_URI,
  COOKIE_NAME,
  REFRESH_COOKIE_NAME,
  COOKIE_MAX_AGE,
  JWT_EXPIRATION_TIME,
  JWT_SECRET,
  COOKIE_OPTIONS,
  REFRESH_TOKEN_EXPIRY,
  REFRESH_COOKIE_OPTIONS,
} from "@/utils/constants";
import User from "@/lib/schemas/users";
import mongoose from "mongoose";

const MONGODB_URI = process.env.MONGODB_URI!;

const connectDB = async () => {
  if (mongoose.connections[0].readyState) {
    console.log("🚀 Already connected to database.")
    return true
  }

  if (!MONGODB_URI) {
    console.error("🔴 MONGODB_URI is not defined.")
    return false
  }

  try {
    await mongoose.connect(MONGODB_URI)
    console.log("🚀 Successfully connected to MongoDB.")
    return true
  } catch (error) {
    console.log(process.env.MONGODB_URI);
    console.error("🔴 Failed to connect to MongoDB:", error)
    return false
  }
}


export async function POST(request: Request) {
  try {
    console.log("=== TOKEN API CALLED ===");
    console.log("Request URL:", request.url);
    console.log("Request method:", request.method);

    const body = await request.formData();
    const code = (body as any).get("code") as string;
    const platform = ((body as any).get("platform") as string) || "native";
    console.log("Received code:", code ? "[REDACTED]" : "undefined");
    console.log("Platform:", platform);

    if (!code) {
      console.log("No authorization code provided.");
      return Response.json(
        { error: "Missing authorization code" },
        { status: 400 }
      );
    }

    const response = await fetch("https://oauth2.googleapis.com/token", {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: new URLSearchParams({
        client_id: GOOGLE_CLIENT_ID,
        client_secret: GOOGLE_CLIENT_SECRET,
        redirect_uri: GOOGLE_REDIRECT_URI,
        grant_type: "authorization_code",
        code: code,
      }),
    });

    const data = await response.json();
    console.log("Google token response:", data);

    if (!data.id_token) {
      console.log("No id_token in Google response.");
      return Response.json(
        { error: "Missing required parameters" },
        { status: 400 }
      );
    }

    const userInfo = jose.decodeJwt(data.id_token) as any;
    console.log("Decoded userInfo:", userInfo);
    const { exp, ...userInfoWithoutExp } = userInfo;
    const sub = userInfo.sub;
    const issuedAt = Math.floor(Date.now() / 1000);
    const jti = crypto.randomUUID();

    const accessToken = await new jose.SignJWT(userInfoWithoutExp)
      .setProtectedHeader({ alg: "HS256" })
      .setExpirationTime(JWT_EXPIRATION_TIME)
      .setSubject(sub)
      .setIssuedAt(issuedAt)
      .sign(new TextEncoder().encode(JWT_SECRET));

    const refreshToken = await new jose.SignJWT({
      sub,
      jti,
      type: "refresh",
      name: userInfo.name,
      email: userInfo.email,
      picture: userInfo.picture,
      given_name: userInfo.given_name,
      family_name: userInfo.family_name,
      email_verified: userInfo.email_verified,
    })
      .setProtectedHeader({ alg: "HS256" })
      .setExpirationTime(REFRESH_TOKEN_EXPIRY)
      .setIssuedAt(issuedAt)
      .sign(new TextEncoder().encode(JWT_SECRET));

    if (data.error) {
      return Response.json(
        {
          error: data.error,
          error_description: data.error_description,
          message:
            "OAuth validation error - please ensure the app complies with Google's OAuth 2.0 policy",
        },
        {
          status: 400,
        }
      );
    }

    await connectDB();

    const { email, name, picture } = userInfo;
    let user;
    let userId: string | null = null;
    try {
      user = await User.findOne({ email });
      console.log("User found in DB:", user);
      if (!user) {
        user = await User.create({
          email,
          name,
          picture,
          provider: "google",
          providerId: sub,
        });
        console.log("Created new user:", user);
      }
      userId = user._id.toString();
      console.log("User ID:", userId);
    } catch (err) {
      console.error("DB error:", err);
      userId = null;
    }

    if (platform === "web") {
      console.log("Setting cookies for web platform.");
      const response = Response.json({
        success: true,
        issuedAt: issuedAt,
        expiresAt: issuedAt + COOKIE_MAX_AGE,
      });

      response.headers.set(
        "Set-Cookie",
        `${COOKIE_NAME}=${accessToken}; Max-Age=${COOKIE_OPTIONS.maxAge}; Path=${COOKIE_OPTIONS.path}; ${COOKIE_OPTIONS.httpOnly ? "HttpOnly;" : ""}${COOKIE_OPTIONS.secure ? "Secure;" : ""} SameSite=${COOKIE_OPTIONS.sameSite}`
      );
      response.headers.append(
        "Set-Cookie",
        `${REFRESH_COOKIE_NAME}=${refreshToken}; Max-Age=${REFRESH_COOKIE_OPTIONS.maxAge}; Path=${REFRESH_COOKIE_OPTIONS.path}; ${REFRESH_COOKIE_OPTIONS.httpOnly ? "HttpOnly;" : ""}${REFRESH_COOKIE_OPTIONS.secure ? "Secure;" : ""} SameSite=${REFRESH_COOKIE_OPTIONS.sameSite}`
      );
      return response;
    }

    console.log("Returning tokens for native platform.");
    return Response.json({
      accessToken,
      refreshToken,
      user_id: userId || null,
    });
  } catch (err) {
    console.error("UNHANDLED ERROR in token+api.ts:", err);
    return Response.json({ error: "Internal server error" }, { status: 500 });
  }
}