import { Request, Response, NextFunction } from 'express';
import { validationResult, ValidationChain } from 'express-validator';
import logger from '../../config/logger';

/**
 * Middleware to validate request using express-validator rules
 * @param validations Array of express-validator validation chains
 */
export const validate = (validations: ValidationChain[]) => {
  return async (req: Request, res: Response, next: NextFunction): Promise<void> => {
    // Execute all validations
    await Promise.all(validations.map(validation => validation.run(req)));

    // Check if there are validation errors
    const errors = validationResult(req);

    if (errors.isEmpty()) {
      return next();
    }

    // Format validation errors for response
    const formattedErrors = errors.array().map(error => {
      return {
        field: error.param,
        message: error.msg,
        location: error.location,
        value: error.value
      };
    });

    // Log validation errors
    logger.warn('Validation failed', {
      method: req.method,
      url: req.url,
      errors: formattedErrors
    });

    // Return validation errors
    res.status(400).json({
      status: 'error',
      message: 'Validation failed',
      code: 'VALIDATION_ERROR',
      errors: formattedErrors
    });
  };
};

/**
 * Middleware to sanitize request data
 * This is a simple example - for production, use a more robust solution
 */
export const sanitizeRequest = (req: Request, res: Response, next: NextFunction): void => {
  if (req.body) {
    // Sanitize request body - example implementation
    Object.keys(req.body).forEach(key => {
      if (typeof req.body[key] === 'string') {
        // Simple example - remove script tags
        req.body[key] = req.body[key].replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
      }
    });
  }

  next();
};