import type { SessionOptions } from 'iron-session'
import { getIronSession } from 'iron-session'
import { cookies } from 'next/headers'

export interface SessionData {
  userId?: string
  email?: string
  name?: string
  loginInProgress?: { state: string; codeVerifier: string }
}

const opts: SessionOptions = {
  password: process.env.SESSION_PASSWORD || '',
  cookieName: 'preis_tracker_session',
  cookieOptions: {
    httpOnly: true,
    sameSite: 'lax',
    secure: process.env.NODE_ENV === 'production',
    maxAge: 7 * 24 * 60 * 60,
  },
}

export async function getSession() {
  if (!opts.password || (typeof opts.password === 'string' && opts.password.length < 32)) {
    throw new Error('SESSION_PASSWORD must be set to a 32+ char value')
  }
  const c = await cookies()
  return getIronSession<SessionData>(c, opts)
}

export const sessionOptions = opts