import { Request, Response } from 'express';
import rateLimit from 'express-rate-limit';
import logger from '../../config/logger';

/**
 * Default limiter for general API traffic: at most 100 requests per client
 * IP in any 15-minute window.
 *
 * Clients are bucketed by `req.ip`, the library default when no key
 * generator is configured. Behind a reverse proxy or load balancer, `req.ip`
 * only reflects the real client when Express's `trust proxy` setting matches
 * the deployment. If it does not, either every client shares the proxy's
 * bucket or a client-supplied forwarding header picks the bucket.
 * NOTE(review): the proxy configuration is not visible in this file, so
 * confirm it where the app is created.
 */
const STANDARD_WINDOW_MS = 15 * 60 * 1000; // 15 minutes

// One definition of the 429 body, so `message` and the handler cannot drift.
const standardLimitBody = {
  status: 'error',
  message: 'Too many requests, please try again later.',
  code: 'RATE_LIMIT_EXCEEDED'
};

const standardLimiter = rateLimit({
  windowMs: STANDARD_WINDOW_MS,
  max: 100, // requests allowed per IP within one window
  standardHeaders: true, // advertise limits via the `RateLimit-*` headers
  legacyHeaders: false, // do not emit the older `X-RateLimit-*` headers
  // The custom handler below produces the actual response; `message` is
  // kept so the configured body stays the same as what the handler sends.
  message: standardLimitBody,
  handler: (request: Request, response: Response) => {
    // Only the client IP is logged; the route that was throttled is not.
    logger.warn(`Rate limit exceeded: ${request.ip}`);
    response.status(429).json(standardLimitBody);
  }
});

/**
 * Tighter limiter intended for authentication endpoints: at most 10
 * requests per client IP per hour.
 *
 * As configured, every request to the routes this is mounted on counts
 * towards the limit, whether or not the login succeeded. The limit is per
 * IP only: it slows guessing from a single address but does not bound
 * attempts against one account that are spread across many addresses.
 * Per-account throttling or lockout, if present, would live elsewhere.
 * NOTE(review): as with any `req.ip`-keyed limiter, accuracy behind a proxy
 * depends on the app's `trust proxy` setting, which is not visible here.
 */
const AUTH_WINDOW_MS = 60 * 60 * 1000; // 1 hour

// One definition of the 429 body, so `message` and the handler cannot drift.
const authLimitBody = {
  status: 'error',
  message: 'Too many login attempts, please try again later.',
  code: 'AUTH_RATE_LIMIT_EXCEEDED'
};

const authLimiter = rateLimit({
  windowMs: AUTH_WINDOW_MS,
  max: 10, // requests allowed per IP within one window
  standardHeaders: true,
  legacyHeaders: false,
  // The custom handler below produces the actual response.
  message: authLimitBody,
  handler: (request: Request, response: Response) => {
    // A burst of these warnings from one address is a useful signal of
    // password guessing; the log line carries the IP only.
    logger.warn(`Auth rate limit exceeded: ${request.ip}`);
    response.status(429).json(authLimitBody);
  }
});

/**
 * Limiter for the sync endpoint (which POS systems may call frequently): at
 * most 10 requests per client IP per minute.
 *
 * NOTE(review): the bucket is the client IP, so several POS terminals
 * behind one NAT or gateway address would share these 10 requests. Confirm
 * this fits the deployment, and that `trust proxy` is set correctly if a
 * proxy sits in front of the app.
 */
const SYNC_WINDOW_MS = 60 * 1000; // 1 minute

// One definition of the 429 body, so `message` and the handler cannot drift.
const syncLimitBody = {
  status: 'error',
  message: 'Too many sync requests, please try again later.',
  code: 'SYNC_RATE_LIMIT_EXCEEDED'
};

const syncLimiter = rateLimit({
  windowMs: SYNC_WINDOW_MS,
  max: 10, // requests allowed per IP within one window
  standardHeaders: true,
  legacyHeaders: false,
  // The custom handler below produces the actual response.
  message: syncLimitBody,
  handler: (request: Request, response: Response) => {
    logger.warn(`Sync rate limit exceeded: ${request.ip}`);
    response.status(429).json(syncLimitBody);
  }
});

// Public surface of this module. Each limiter is an Express middleware and
// only takes effect on the routes or routers it is mounted on.
export {
  authLimiter, // strict: 10 requests per hour per IP
  syncLimiter, // 10 requests per minute per IP
  standardLimiter as rateLimiterMiddleware // general default: 100 per 15 minutes per IP
};
