import nodemailer from 'nodemailer';
import { log } from './logger.js';
import { t } from './emaili18n.js';

let transporter;

// Escape HTML special characters to prevent injection in email bodies
function escapeHtml(str) {
  if (!str) return '';
  return String(str)
    .replace(/&/g, '&')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

export function initMailer() {
  const host = process.env.SMTP_HOST;
  const port = parseInt(process.env.SMTP_PORT || '587', 10);
  const user = process.env.SMTP_USER;
  const pass = process.env.SMTP_PASS;

  if (!host || !user || !pass) {
    log.mailer.warn('SMTP not configured - email verification disabled');
    return false;
  }

  transporter = nodemailer.createTransport({
    host,
    port,
    secure: port === 465,
    auth: { user, pass },
    connectionTimeout: 10_000,  // 10 s to establish TCP connection
    greetingTimeout: 10_000,   // 10 s to receive SMTP greeting
    socketTimeout: 15_000,     // 15 s of inactivity before abort
  });

  log.mailer.info('SMTP mailer configured');
  return true;
}

export function isMailerConfigured() {
  return !!transporter;
}

/**
 * Send the verification email with a clickable link.
 * @param {string} to      - recipient email
 * @param {string} name    - user's display name
 * @param {string} verifyUrl - full verification URL
 * @param {string} appName  - branding app name (default "Redlight")
 */
// S3: sanitize name for use in email From header (strip quotes, newlines, control chars)
function sanitizeHeaderValue(str) {
  return String(str).replace(/["\\\r\n\x00-\x1f]/g, '').trim().slice(0, 100);
}

export async function sendVerificationEmail(to, name, verifyUrl, appName = 'Redlight', lang = 'en') {
  if (!transporter) {
    throw new Error('SMTP not configured');
  }

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeName = escapeHtml(name);
  const safeAppName = escapeHtml(appName);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.verify.subject', { appName: headerAppName }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#cba6f7;margin-top:0;">${t(lang, 'email.greeting', { name: safeName })}</h2>
        <p>${t(lang, 'email.verify.intro')}</p>
        <p style="text-align:center;margin:28px 0;">
          <a href="${verifyUrl}"
             style="display:inline-block;background:#cba6f7;color:#1e1e2e;padding:12px 32px;border-radius:8px;text-decoration:none;font-weight:bold;">
            ${t(lang, 'email.verify.button')}
          </a>
        </p>
        <p style="font-size:13px;color:#7f849c;">
          ${t(lang, 'email.linkHint')}<br/>
          <a href="${verifyUrl}" style="color:#89b4fa;word-break:break-all;">${escapeHtml(verifyUrl)}</a>
        </p>
        <p style="font-size:13px;color:#7f849c;">${t(lang, 'email.verify.validity')}</p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.verify.footer')}</p>
      </div>
    `,
    text: `${t(lang, 'email.greeting', { name })}\n\n${t(lang, 'email.verify.intro')}\n${verifyUrl}\n\n${t(lang, 'email.verify.validity')}\n\n- ${appName}`,
  });
}

/**
 * Send a federation meeting invitation email.
 * @param {string} to          - recipient email
 * @param {string} name        - recipient display name
 * @param {string} fromUser    - sender federated address (user@domain)
 * @param {string} roomName    - name of the invited room
 * @param {string} message     - optional personal message
 * @param {string} inboxUrl    - URL to the federation inbox
 * @param {string} appName     - branding app name (default "Redlight")
 */
export async function sendFederationInviteEmail(to, name, fromUser, roomName, message, inboxUrl, appName = 'Redlight', lang = 'en') {
  if (!transporter) return; // silently skip if SMTP not configured

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeName = escapeHtml(name);
  const safeFromUser = escapeHtml(fromUser);
  const safeRoomName = escapeHtml(roomName);
  const safeMessage = message ? escapeHtml(message) : null;
  const safeAppName = escapeHtml(appName);

  const introHtml = t(lang, 'email.federationInvite.intro')
    .replace('{fromUser}', `<strong style="color:#cdd6f4;">${safeFromUser}</strong>`);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.federationInvite.subject', { appName: headerAppName, fromUser: sanitizeHeaderValue(fromUser) }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#cba6f7;margin-top:0;">${t(lang, 'email.greeting', { name: safeName })}</h2>
        <p>${introHtml}</p>
        <div style="background:#313244;border-radius:8px;padding:16px;margin:20px 0;">
          <p style="margin:0 0 8px 0;font-size:13px;color:#7f849c;">${t(lang, 'email.federationInvite.roomLabel')}</p>
          <p style="margin:0;font-size:16px;font-weight:bold;color:#cdd6f4;">${safeRoomName}</p>
          ${safeMessage ? `<p style="margin:12px 0 0 0;font-size:13px;color:#a6adc8;font-style:italic;">&quot;${safeMessage}&quot;</p>` : ''}
        </div>
        <p style="text-align:center;margin:28px 0;">
          <a href="${inboxUrl}"
             style="display:inline-block;background:#cba6f7;color:#1e1e2e;padding:12px 32px;border-radius:8px;text-decoration:none;font-weight:bold;">
            ${t(lang, 'email.viewInvitation')}
          </a>
        </p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.invitationFooter')}</p>
      </div>
    `,
    text: `${t(lang, 'email.greeting', { name })}\n\n${t(lang, 'email.federationInvite.intro', { fromUser })}\n${t(lang, 'email.federationInvite.roomLabel')} ${roomName}${message ? `\n"${message}"` : ''}\n\n${t(lang, 'email.viewInvitation')}: ${inboxUrl}\n\n- ${appName}`,
  });
}

/**
 * Send a guest meeting invitation email with a direct join link.
 * @param {string} to        - recipient email
 * @param {string} fromUser  - sender display name
 * @param {string} roomName  - name of the room
 * @param {string} message   - optional personal message
 * @param {string} joinUrl   - direct guest join URL
 * @param {string} appName   - branding app name
 * @param {string} lang      - language code
 */
export async function sendGuestInviteEmail(to, fromUser, roomName, message, joinUrl, appName = 'Redlight', lang = 'en') {
  if (!transporter) {
    throw new Error('SMTP not configured');
  }

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeFromUser = escapeHtml(fromUser);
  const safeRoomName = escapeHtml(roomName);
  const safeMessage = message ? escapeHtml(message) : null;

  const introHtml = t(lang, 'email.guestInvite.intro')
    .replace('{fromUser}', `<strong style="color:#cdd6f4;">${safeFromUser}</strong>`);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.guestInvite.subject', { appName: headerAppName, fromUser: sanitizeHeaderValue(fromUser) }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#cba6f7;margin-top:0;">Meeting Invitation</h2>
        <p>${introHtml}</p>
        <div style="background:#313244;border-radius:8px;padding:16px;margin:20px 0;">
          <p style="margin:0 0 8px 0;font-size:13px;color:#7f849c;">${t(lang, 'email.guestInvite.roomLabel')}</p>
          <p style="margin:0;font-size:16px;font-weight:bold;color:#cdd6f4;">${safeRoomName}</p>
          ${safeMessage ? `<p style="margin:12px 0 0 0;font-size:13px;color:#a6adc8;font-style:italic;">&quot;${safeMessage}&quot;</p>` : ''}
        </div>
        <p style="text-align:center;margin:28px 0;">
          <a href="${joinUrl}"
             style="display:inline-block;background:#cba6f7;color:#1e1e2e;padding:12px 32px;border-radius:8px;text-decoration:none;font-weight:bold;">
            ${t(lang, 'email.guestInvite.joinButton')}
          </a>
        </p>
        <p style="font-size:13px;color:#7f849c;">
          ${t(lang, 'email.linkHint')}<br/>
          <a href="${joinUrl}" style="color:#89b4fa;word-break:break-all;">${escapeHtml(joinUrl)}</a>
        </p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.guestInvite.footer')}</p>
      </div>
    `,
    text: `${t(lang, 'email.guestInvite.intro', { fromUser })}\n${t(lang, 'email.guestInvite.roomLabel')} ${roomName}${message ? `\n"${message}"` : ''}\n\n${t(lang, 'email.guestInvite.joinButton')}: ${joinUrl}\n\n- ${appName}`,
  });
}

/**
 * Send a calendar event invitation email (federated).
 */
export async function sendCalendarInviteEmail(to, name, fromUser, title, startTime, endTime, description, inboxUrl, appName = 'Redlight', lang = 'en') {
  if (!transporter) return;

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeName = escapeHtml(name);
  const safeFromUser = escapeHtml(fromUser);
  const safeTitle = escapeHtml(title);
  const safeDesc = description ? escapeHtml(description) : null;

  const formatDate = (iso) => {
    try { return new Date(iso).toLocaleString(lang === 'de' ? 'de-DE' : 'en-GB', { dateStyle: 'full', timeStyle: 'short' }); }
    catch { return iso; }
  };

  const introHtml = t(lang, 'email.calendarInvite.intro')
    .replace('{fromUser}', `<strong style="color:#cdd6f4;">${safeFromUser}</strong>`);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.calendarInvite.subject', { appName: headerAppName, fromUser: sanitizeHeaderValue(fromUser) }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#cba6f7;margin-top:0;">${t(lang, 'email.greeting', { name: safeName })}</h2>
        <p>${introHtml}</p>
        <div style="background:#313244;border-radius:8px;padding:16px;margin:20px 0;">
          <p style="margin:0 0 4px 0;font-size:15px;font-weight:bold;color:#cdd6f4;">${safeTitle}</p>
          <p style="margin:6px 0 0 0;font-size:13px;color:#a6adc8;">🕐 ${escapeHtml(formatDate(startTime))} - ${escapeHtml(formatDate(endTime))}</p>
          ${safeDesc ? `<p style="margin:10px 0 0 0;font-size:13px;color:#a6adc8;font-style:italic;">&quot;${safeDesc}&quot;</p>` : ''}
        </div>
        <p style="text-align:center;margin:28px 0;">
          <a href="${inboxUrl}"
             style="display:inline-block;background:#cba6f7;color:#1e1e2e;padding:12px 32px;border-radius:8px;text-decoration:none;font-weight:bold;">
            ${t(lang, 'email.viewInvitation')}
          </a>
        </p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.invitationFooter')}</p>
      </div>
    `,
    text: `${t(lang, 'email.greeting', { name })}\n\n${t(lang, 'email.calendarInvite.intro', { fromUser })}\n${safeTitle}\n${formatDate(startTime)} \u2013 ${formatDate(endTime)}${description ? `\n\n"${description}"` : ''}\n\n${t(lang, 'email.viewInvitation')}: ${inboxUrl}\n\n\u2013 ${appName}`,
  });
}

/**
 * Notify a user that a federated calendar event they received was deleted by the organiser.
 */
export async function sendCalendarEventDeletedEmail(to, name, fromUser, title, appName = 'Redlight', lang = 'en') {
  if (!transporter) return;

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeName = escapeHtml(name);
  const safeFromUser = escapeHtml(fromUser);
  const safeTitle = escapeHtml(title);

  const introHtml = t(lang, 'email.calendarDeleted.intro')
    .replace('{fromUser}', `<strong style="color:#cdd6f4;">${safeFromUser}</strong>`);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.calendarDeleted.subject', { appName: headerAppName, title: sanitizeHeaderValue(title) }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#f38ba8;margin-top:0;">${t(lang, 'email.greeting', { name: safeName })}</h2>
        <p>${introHtml}</p>
        <div style="background:#313244;border-radius:8px;padding:16px;margin:20px 0;border-left:4px solid #f38ba8;">
          <p style="margin:0;font-size:15px;font-weight:bold;color:#cdd6f4;">${safeTitle}</p>
        </div>
        <p style="font-size:13px;color:#7f849c;">${t(lang, 'email.calendarDeleted.note')}</p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.calendarDeleted.footer', { appName: escapeHtml(appName) })}</p>
      </div>
    `,
    text: `${t(lang, 'email.greeting', { name })}\n\n${t(lang, 'email.calendarDeleted.intro', { fromUser })}\n"${title}"\n\n${t(lang, 'email.calendarDeleted.note')}\n\n\u2013 ${appName}`,
  });
}

/**
 * Send a user registration invite email.
 * @param {string} to          - recipient email
 * @param {string} inviteUrl   - full invite registration URL
 * @param {string} appName     - branding app name (default "Redlight")
 */
export async function sendInviteEmail(to, inviteUrl, appName = 'Redlight', lang = 'en') {
  if (!transporter) {
    throw new Error('SMTP not configured');
  }

  const from = process.env.SMTP_FROM || process.env.SMTP_USER;
  const headerAppName = sanitizeHeaderValue(appName);
  const safeAppName = escapeHtml(appName);

  const introHtml = t(lang, 'email.invite.intro')
    .replace('{appName}', `<strong style="color:#cdd6f4;">${safeAppName}</strong>`);

  await transporter.sendMail({
    from: `"${headerAppName}" <${from}>`,
    to,
    subject: t(lang, 'email.invite.subject', { appName: headerAppName }),
    html: `
      <div style="font-family:Arial,sans-serif;max-width:520px;margin:0 auto;padding:32px;background:#1e1e2e;color:#cdd6f4;border-radius:12px;">
        <h2 style="color:#cba6f7;margin-top:0;">${t(lang, 'email.invite.title')}</h2>
        <p>${introHtml}</p>
        <p>${t(lang, 'email.invite.prompt')}</p>
        <p style="text-align:center;margin:28px 0;">
          <a href="${inviteUrl}"
             style="display:inline-block;background:#cba6f7;color:#1e1e2e;padding:12px 32px;border-radius:8px;text-decoration:none;font-weight:bold;">
            ${t(lang, 'email.invite.button')}
          </a>
        </p>
        <p style="font-size:13px;color:#7f849c;">
          ${t(lang, 'email.linkHint')}<br/>
          <a href="${inviteUrl}" style="color:#89b4fa;word-break:break-all;">${escapeHtml(inviteUrl)}</a>
        </p>
        <p style="font-size:13px;color:#7f849c;">${t(lang, 'email.invite.validity')}</p>
        <hr style="border:none;border-top:1px solid #313244;margin:24px 0;"/>
        <p style="font-size:12px;color:#585b70;">${t(lang, 'email.invite.footer')}</p>
      </div>
    `,
    text: `${t(lang, 'email.invite.title')}\n\n${t(lang, 'email.invite.intro', { appName })}\n\n${t(lang, 'email.invite.prompt')}\n${inviteUrl}\n\n${t(lang, 'email.invite.validity')}\n\n- ${appName}`,
  });
}