import type { RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';;
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request, cookies}) => {
	let message = await request.json()
  	const recipe_json = message.recipe
  	const user = await authenticateUser(cookies)
  	if(!user){
  		throw error(401, "Not logged in")
  	}
  	if(!user.access.includes("rezepte")){
  	      	throw error(401, "This user does not have permissions to add recipes")
  	}
  	else{
		await dbConnect();
  		try{
  	      		await Recipe.create(recipe_json);
  		} catch(e){
  	      		throw error(400, e)
  	      	}
  		await dbDisconnect();
  	      	return new Response(JSON.stringify({msg: "Added recipe successfully"}),{
  	      		    status: 200,
  		});
  	}
};