const express = require('express');
const cookieParser = require('cookie-parser');
const Config = require('./config.js');

const UserInterface = require('./user.js');

let app = express();

app.use(cookieParser());

// force https
app.use((req, res, next) => {
  if (Config.config.https) {
    if (req.headers['x-forwarded-proto'] !== 'https') {
      return res.redirect(`https://${req.headers.host}${req.url}`);
    }
  }
  return next();
});

if (!Config.config.secret) {
  console.error("No password secret found. please set `secret` in config.json");
  process.exit();
}
else if(Config.config.https && Config.config.secret == "TEST_SECRET") {
  console.error("please do not use the testing secret in production.");
  process.exit();
}

app.use("/user", UserInterface.router);

// serve static files last
// app.use(express.static("./static"));
// DISABLED: no longer needs to serve static files
// due to frontend being employed in elm

app.listen(Config.config.port || 8080, () => {
  console.log(`listening on port ${Config.config.port || 8080}`);
});