import { API } from "../../lib/api.js";
import logging from '../../lib/logging.js';
import assert from 'assert';
import * as queues from "../../lib/queues.js";
import stripe_setup from "stripe";
import { stripe_private } from "../../lib/config.js";

const API_VERSION = stripe_private.api_version;
const log = logging.create("api/payments/stripe_webhook.js");
const hook_q = queues.create("stripe/webhook");
const stripe = stripe_setup(stripe_private.secret);

const validate_stripe = (api) => {
  try {
    assert(stripe_private.endpoint_secret, "Must set endpoint_secret in stripe. The stripe CLI prints this out.");

    const sig = api.req.headers['stripe-signature'];

    const event = stripe.webhooks.constructEvent(api.req.raw_body, sig, stripe_private.endpoint_secret);

    // simulate the api.validate method for now
    event._valid = true;
    return event;
  } catch (err) {
    log.error(err);
    return {_valid: false};
  }
}

export const post = async (req, res) => {
  const api = new API(req, res);

  const msg = validate_stripe(api);

  log.debug(`Stripe WebHook event ${msg.type} ID ${msg.id}`);

  if(msg._valid) {
    assert(msg.api_version == API_VERSION, `Stripe version is ${msg.api_version} but we use ${API_VERSION} created ${msg.created}`);
    hook_q.add(msg);
    api.reply(200, "OK");
  } else {
    api.error(400, "Bad Request");
  }
}

export const get = post;