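const express = require('express');
const router = express.Router();
const handler = require('express-async-handler');
const content = require('../helpers/content');
const crypto = require('crypto');

const { MAXFILES } = process.env;

/**
 * Compare a client-supplied token with the value stored in the session.
 *
 * Both values must be strings and the expected value must be non-empty, so a
 * session that never had a token issued cannot be matched by a request that
 * simply omits the field. The comparison itself is constant-time.
 *
 * @param {unknown} supplied - Value taken from the request body.
 * @param {unknown} expected - Value taken from the session.
 * @returns {boolean} True only when both are equal strings.
 */
function tokensMatch(supplied, expected) {
  if (typeof supplied !== 'string' || typeof expected !== 'string' || expected.length === 0) {
    return false;
  }
  const suppliedBytes = Buffer.from(supplied);
  const expectedBytes = Buffer.from(expected);
  // timingSafeEqual throws on unequal lengths, so check the length first.
  return suppliedBytes.length === expectedBytes.length
    && crypto.timingSafeEqual(suppliedBytes, expectedBytes);
}

/**
 * Handle POST /upload: check the CSRF token and captcha, enforce the
 * submission limit, then store the submitted text and redirect to its view page.
 *
 * Every rejection is answered with status 405 and a short text message, except
 * the length check, which answers 'Too short' with the default status.
 *
 * @param {object} req - Express request; reads `req.body` and `req.session`.
 * @param {object} res - Express response.
 * @returns {Promise<void>}
 */
async function upload(req, res) {
  // The original `!=` treated a missing body field and a missing session
  // token as equal (undefined != undefined is false), which let a request
  // through when no token had been issued for the session.
  if (!tokensMatch(req.body['_csrf'], req.session.csrf)) {
    res.status(405).send('CSRF error');
    return;
  }

  // The captcha answer arrives under a field name that is stored in the session.
  const captchaField = req.session.captcha_input;
  const captchaAnswer = typeof captchaField === 'string' ? req.body[captchaField] : undefined;
  if (!captchaAnswer) {
    res.status(405).send('Captcha error; please go back and refresh the page a few times.');
    return;
  }
  // NOTE(review): a wrong answer leaves the same captcha in the session, so it
  // can be retried; decide whether failed attempts should rotate it as well.
  if (!tokensMatch(captchaAnswer, req.session.captcha)) {
    res.status(405).send('Bad captcha');
    return;
  }
  // Rotate the captcha after a correct answer so it cannot be replayed.
  req.session.captcha = crypto.randomBytes(8).toString('base64').substring(0, 6);

  // NOTE(review): MAXFILES comes from the environment as a string; when it is
  // unset this comparison is always false and the limit is not enforced.
  // The same holds if content.submitted() returns a promise rather than a
  // count - confirm against the helper.
  if (content.submitted() >= MAXFILES) {
    res.status(405).send('Not allowed');
    return;
  }

  const data = req.body.text;
  // Only a string is stored: a missing field used to throw on `.length`, and a
  // body parser may hand over an array or object for a repeated/nested field.
  if (typeof data !== 'string' || data.length < 8) {
    res.send('Too short');
    return;
  }

  const id = await content.create(data);
  res.redirect('/view?id=' + encodeURIComponent(id));
}

router.post('/upload', handler(upload));

module.exports = router;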