import { describe, it, expect } from 'vitest';
import { createApp } from '../src/app';

const json = { 'content-type': 'application/json' };

describe('GET /api/me', () => {
  it('rejects an unauthenticated request', async () => {
    const app = createApp();
    const res = await app.request('/api/me');
    expect(res.status).toBe(401);
  });

  it('returns the user for a valid bearer token (sign-up -> sign-in -> me)', async () => {
    const app = createApp();
    const creds = { email: 'me@example.com', password: 'sterk-wachtwoord-123', name: 'Me' };

    await app.request('/api/auth/sign-up/email', {
      method: 'POST',
      headers: json,
      body: JSON.stringify(creds),
    });
    const signin = await app.request('/api/auth/sign-in/email', {
      method: 'POST',
      headers: json,
      body: JSON.stringify({ email: creds.email, password: creds.password }),
    });
    const token = signin.headers.get('set-auth-token');

    const res = await app.request('/api/me', {
      headers: { authorization: `Bearer ${token}` },
    });
    expect(res.status).toBe(200);
    const body = await res.json();
    expect(body.user.email).toBe(creds.email);
  });
});