server.js

import "dotenv/config";
import express from 'express';
import cors from "cors";
import { GoogleGenAI } from "@google/genai";
import rateLimit from "express-rate-limit";
import cookieParser from "cookie-parser";
import path from "path";
import { fileURLToPath } from "url";
import connectDB from "./config/database.js";
import authRoutes from "./routes/auth.js";
import roadmapRoutes from "./routes/roadmap.js";

await connectDB();

const app = express();

app.set('trust proxy', 1);

const allowedOrigins = [
  "http://127.0.0.1:5500", 
  "http://localhost:5500", 
  "http://localhost:3000",
  "https://path4developers.vercel.app",
  "https://path4developers.vercel.app/"
];

if (process.env.VERCEL_URL) {
  allowedOrigins.push(`https://${process.env.VERCEL_URL}`);
}

if (process.env.CLIENT_URL && !allowedOrigins.includes(process.env.CLIENT_URL)) {
  allowedOrigins.push(process.env.CLIENT_URL);
}

app.use(
  cors({
    origin: (origin, callback) => {
      if (!origin || allowedOrigins.includes(origin)) {
        callback(null, true);
      } else {
        callback(new Error("Not allowed by CORS"));
      }
    },
    credentials: true,
  })
);
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);

const requiredEnvVars = [
  "GEMINI_API_KEY",
  "MONGODB_URI",
  "JWT_SECRET",
  "SESSION_SECRET",
];
const missingEnvVars = requiredEnvVars.filter(
  (varName) => !process.env[varName]
);

if (missingEnvVars.length > 0) {
  console.error(
    "ERRO: As seguintes variáveis de ambiente estão faltando:",
    missingEnvVars.join(", ")
  );
  process.exit(1);
}
const port = process.env.PORT || 3000;


app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());

app.use(express.static(__dirname));

const apiLimiter = rateLimit({
  windowMs: 1 * 60 * 1000, // 1 minute
  max: 10,
  message:
    "Muitas requisições foram enviadas. Aguarde um minuto e tente novamente.",
  standardHeaders: true,
  legacyHeaders: false,
});
const authLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 5,
  message: "Muitas tentativas de login. Tente novamente em 15 minutos.",
  skipSuccessfulRequests: true,
});

const ai = new GoogleGenAI({ apiKey: process.env.GEMINI_API_KEY });

app.use("/api/auth", authLimiter, authRoutes);
app.use("/api/roadmap", roadmapRoutes);

app.post("/api/gemini", apiLimiter, async (req, res) => {
  try {
    const { prompt } = req.body;
    if (!prompt) {
      return res.status(400).json({ error: "O prompt é obrigatório" });
    }
    const response = await ai.models.generateContent({
      model: "gemini-2.0-flash",
      contents: prompt,
    });
    const text = response.text;
    res.json({ text });
  } catch (error) {
    console.error("Erro ao chamar a API do Gemini:", error);
    const status = error.status || 500;
    res.status(status).json({ 
      error: "Falha ao chamar a API do Gemini",
      details: error.message 
    });
  }
});

app.get("/api/health", (req, res) => {
  res.json({
    success: true,
    message: "Servidor funcionando!",
    timestamp: new Date().toISOString(),
  });
});

// Fallback route to serve index.html for non-API routes
app.get(/^(?!\/api).*/, (req, res) => {
  res.sendFile(path.resolve(__dirname, "index.html"));
});

app.use((err, req, res, next) => {
  console.error("Erro não tratado:", err);
  res.status(500).json({
    success: false,
    message:
      "Um erro inesperado ocorreu. Por favor, tente novamente mais tarde.",
    error: process.env.NODE_ENV === "development" ? err.message : undefined,
  });
});

app.use((req, res) => {
  res.status(404).json({
    success: false,
    message: "Rota não encontrada",
  });
});

if (process.env.NODE_ENV !== "production") {
  app.listen(port, () => {
    console.log(`\nServidor rodando em http://localhost:${port}`);
    console.log(`Acesse http://localhost:${port}/index.html no navegador\n`);
  });
}

export default app;