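const rateLimit = require('express-rate-limit');
const config = require('../config/config');
const { logger } = require('../utils/logger');

const { windowMs, maxRequests } = config.rateLimit;

// Seconds in one window; the fallback for `retryAfter` when the limiter has
// not exposed the actual reset time on the request.
const windowSeconds = Math.ceil(windowMs / 1000);

// Single source of truth for the 429 body, so the `message` option and the
// custom handler below cannot drift apart (they previously carried two
// different texts, and only the handler's was ever sent).
const LIMIT_EXCEEDED_BODY = Object.freeze({
  error: 'Too many requests',
  message: 'You have exceeded the rate limit. Please try again later.',
});

/**
 * Seconds until the caller's rate-limit window resets.
 *
 * express-rate-limit attaches `req.rateLimit.resetTime` (a Date) to counted
 * requests; stores that do not report it leave it undefined, in which case
 * the full window is returned as the pessimistic upper bound. The value is
 * never below 1 so clients do not retry in a tight loop.
 *
 * @param {import('express').Request} req - request the limiter rejected
 * @returns {number} whole seconds, >= 1
 */
function secondsUntilReset(req) {
  const resetTime = req.rateLimit && req.rateLimit.resetTime;
  if (!(resetTime instanceof Date)) {
    return windowSeconds;
  }
  const remainingMs = resetTime.getTime() - Date.now();
  return Math.max(1, Math.ceil(remainingMs / 1000));
}

/**
 * Rate limiter for the update endpoint, keyed per client IP.
 *
 * NOTE(review): `req.ip` is only the real client address when Express's
 * `trust proxy` setting matches the deployment. Behind a reverse proxy with
 * `trust proxy` unset, every client shares the proxy's bucket; with an
 * over-permissive setting, a client can choose its own bucket via
 * `X-Forwarded-For`. Confirm the app-level setting.
 */
const updateLimiter = rateLimit({
  windowMs,
  max: maxRequests,
  message: LIMIT_EXCEEDED_BODY,
  standardHeaders: true, // Return rate limit info in `RateLimit-*` headers
  legacyHeaders: false, // Disable `X-RateLimit-*` headers
  // Custom handler for rate limit exceeded: log the event, then answer 429.
  handler: (req, res) => {
    // Report time remaining in the current window rather than the whole
    // window, so the body agrees with the `Retry-After` header.
    const retryAfter = secondsUntilReset(req);
    logger.warn('Rate limit exceeded', {
      ip: req.ip,
      path: req.path,
      limit: maxRequests,
      window: `${windowMs / 1000}s`,
      retryAfter,
    });
    res.status(429).json({
      error: LIMIT_EXCEEDED_BODY.error,
      message: LIMIT_EXCEEDED_BODY.message,
      retryAfter,
    });
  },
  // Hook for exempting requests (e.g. an allow-list of internal addresses);
  // nothing is exempt today.
  skip: () => false,
  // Key generator - rate limit per IP (see the trust-proxy note above)
  keyGenerator: (req) => req.ip,
});

module.exports = {
  updateLimiter,
};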