import * as jwt from 'jsonwebtoken';
import { User, DatabaseInterface, Session } from '@accounts/types';
import { EmailTemplatesType } from './email-templates-type';
import { PrepareMailFunction } from './prepare-mail-function';
import { SendMailType } from './send-mail-type';
import { TokenCreator } from './token-creator';
import { JwtData } from './jwt-data';

export interface AccountsServerOptions<CustomUser extends User = User> {
  /**
   * Return ambiguous error messages from login failures to prevent user enumeration. Defaults to true.
   */
  ambiguousErrorMessages?: boolean;
  db?: DatabaseInterface<CustomUser>;
  tokenSecret:
    | string
    | {
        publicKey: jwt.Secret;
        privateKey: jwt.Secret;
      };
  tokenConfigs?: {
    accessToken?: jwt.SignOptions;
    refreshToken?: jwt.SignOptions;
  };
  emailTemplates?: Partial<EmailTemplatesType>;
  userObjectSanitizer?: (user: CustomUser) => CustomUser;
  impersonationAuthorize?: (user: User, impersonateToUser: User) => Promise<any>;
  /**
   * Use this function if you want to cancel the current session to be resumed.
   * The session parameter will be null if the `useStatelessSession` option is set to true.
   */
  resumeSessionValidator?: (user: User, session: Session) => Promise<void>;
  siteUrl?: string;
  prepareMail?: PrepareMailFunction;
  sendMail?: SendMailType;
  tokenCreator?: TokenCreator;
  /**
   * Creates a new session token each time a user refreshes his access token
   */
  createNewSessionTokenOnRefresh?: boolean;
  /**
   * Function to add addition information in jwt payload of accessToken
   */
  createJwtPayload?: (data: JwtData, user: CustomUser) => Promise<Record<string, any>>;
  /**
   * If this flag is set to true - user will be automatically logged in after registration.
   * LoginResult data will be included into registration response.
   */
  enableAutologin?: boolean;
  /**
   * Set this false to `false` if you wish to skip internal user sanitazing method, and expose
   * the original User object as-is.
   */
  useInternalUserObjectSanitizer?: boolean;
  /**
   * Should the session mechanism be stateless. By default the token is checked against the database in every
   * request. This allow you to revoke a session at any time.
   * Since we are using JWT you can decide to have a stateless session. This means that the token won't be
   * checked against the database on every request. Using the stateless approach will make the server authorisation
   * check faster but this means that you won't be able to able to invalidate the access token until it's expired.
   * Only use this option if you understand the downsides of this approach.
   * Default 'false'.
   */
  useStatelessSession?: boolean;
}