"use server";

import { PrismaClient } from "@prisma/client";
import argon2 from "argon2";
import { setSession } from "../write/auth";
import { redirect, RedirectType } from "next/navigation";

export async function handleLogin(data: FormData) {
  const prisma = new PrismaClient();
  const username = data.get("username")?.toString();
  const password = data.get("password")?.toString();
  if (!username || !password) {
    throw new Error("Missing username or password");
  }

  const user = await prisma.user.findUnique({ where: { username } });
  if (!user) {
    redirect("/blog/login?error=Invalid%20credentials", RedirectType.replace);
  }

  if (await argon2.verify(user.password, password)) {
    setSession();
    redirect("/blog/write", RedirectType.replace);
  } else {
    redirect("/blog/login?error=Invalid%20credentials", RedirectType.replace);
  }
}