import { defineEventHandler, getCookie, deleteCookie } from "h3";

import { isAuthorised } from "../middleware/auth";
import { database } from "../utils/database";
import { cookieSettings } from "../utils/rootUtils";

import { createError } from "#imports";

export default defineEventHandler(async (e) => {
  const token = getCookie(e, "token");
  if (token === undefined) {
    throw createError({
      statusCode: 401,
      data: "You can't log out if you're already logged out (no session cookie)",
    });
  }

  deleteCookie(e, "token", cookieSettings);
  if (!await isAuthorised(token)) {
    throw createError({
      statusCode: 401,
      message: "You can't log out if you're already logged out (session expired or never existed)",
    });
  }

  database.session.delete({
    where: {
      id: BigInt(token),
    },
  });
  return { message: "Logged out" };
});