'use server'

import { redirect } from 'next/navigation'
import { createClient } from '@/lib/supabase/server'

export async function changePassword(formData: FormData) {
  const password = String(formData.get('password') ?? '')
  const confirm = String(formData.get('confirm') ?? '')

  if (password.length < 8) {
    redirect(
      `/change-password?error=${encodeURIComponent('Password must be at least 8 characters.')}`,
    )
  }

  if (password !== confirm) {
    redirect(
      `/change-password?error=${encodeURIComponent('Passwords do not match.')}`,
    )
  }

  const supabase = await createClient()

  const {
    data: { user },
  } = await supabase.auth.getUser()

  if (!user) {
    redirect('/login')
  }

  const { error: updateError } = await supabase.auth.updateUser({ password })
  if (updateError) {
    redirect(
      `/change-password?error=${encodeURIComponent(updateError.message)}`,
    )
  }

  const { error: profileError } = await supabase
    .from('profiles')
    .update({ must_change_password: false })
    .eq('id', user.id)

  if (profileError) {
    redirect(
      `/change-password?error=${encodeURIComponent(profileError.message)}`,
    )
  }

  redirect('/')
}