const express = require('express');
const jwt = require('jsonwebtoken');
const router = express.Router();

const users = [];

router.post('/register', (req, res) => {
    const user = req.body;
    users.push(user);
    res.send({ message: 'User registered' });
});

router.post('/login', (req, res) => {
    const { username, password } = req.body;
    const user = users.find(u => u.username === username && u.password === password);
    if (!user) return res.status(401).send('Invalid credentials');

    const token = jwt.sign({ username }, 'secretkey', { expiresIn: '1h' });
    res.send({ token });
});

router.get('/profile', verifyToken, (req, res) => {
    res.send({ message: 'Welcome to your profile!', user: req.user });
});

function verifyToken(req, res, next) {
    const token = req.headers['authorization'];
    if (!token) return res.status(403).send('No token provided');
    jwt.verify(token, 'secretkey', (err, decoded) => {
        if (err) return res.status(401).send('Invalid token');
        req.user = decoded;
        next();
    });
}

module.exports = router;