'use strict';

import {ArgsExpressType} from "../../types/ArgsExpressType";

const padManager = require('../../db/PadManager');

/**
 * expressCreateServer hook: registers an Express `pad` route-parameter
 * handler that validates the requested pad id before the route renders.
 *
 * For each request carrying a `pad` parameter the handler:
 *  - answers 404 when `padManager.isValidPadId` rejects the id or the
 *    request URL ends with `/`;
 *  - calls `next()` when `padManager.sanitizePadId` returns the id unchanged;
 *  - otherwise answers 302 pointing at the sanitized id, keeping the
 *    original query string.
 *
 * @param hookName - name of the hook being run (not read here)
 * @param args - hook arguments; only `args.app` is used
 * @param cb - hook completion callback, invoked once the handler is registered
 * @returns whatever `cb()` returns
 */
exports.expressCreateServer = (hookName:string, args:ArgsExpressType, cb:Function) => {
  const trailingSlash = /\/$/;

  // Validate the pad id, then either pass the request on or redirect it.
  const checkPadId = async (req:any, res:any, next:Function, padId:string) => {
    // Reject before any sanitizing or lookup: an id the pad manager considers
    // invalid, or a URL with a trailing slash, never reaches the route.
    const rejected = !padManager.isValidPadId(padId) || trailingSlash.test(req.url);
    if (rejected) {
      res.status(404).send('Such a padname is forbidden');
      return;
    }

    const sanitizedPadId = await padManager.sanitizePadId(padId);

    // Nothing was rewritten, so the requested id is the canonical one.
    if (sanitizedPadId === padId) {
      next();
      return;
    }

    // The id was rewritten: redirect to the sanitized form.
    // encodeURIComponent escapes `/` and `:`, and only the query part of the
    // request URL is appended, so the Location value stays a relative
    // reference and cannot name another scheme or host.
    const encodedPadId = encodeURIComponent(sanitizedPadId);
    // The base URL is a placeholder that lets URL parse the relative req.url;
    // only `.search` is read from the result.
    const query = new URL(req.url, 'http://invalid.invalid').search;
    const realURL = encodedPadId + query;

    res.header('Location', realURL);
    // The body echoes realURL: the id part is percent-encoded above and the
    // query part is the URL parser's serialized form.
    res.status(302).send(`You should be redirected to ${realURL}`);
  };

  args.app.param('pad', (req:any, res:any, next:Function, padId:string) => {
    // Any rejection (including a throw from next()) is handed to Express's
    // error handling instead of becoming an unhandled rejection.
    checkPadId(req, res, next, padId).catch((err) => next(err || new Error(err)));
  });

  return cb();
};