import { generateRegistrationOptions } from '@simplewebauthn/server'

import { requireAuth } from '../../../../utils/auth'
import { listCredentialDescriptors } from '../../../../utils/user-repository'
import { getWebAuthnConfig, storeRegistrationChallenge } from '../../../../utils/webauthn'

export default defineEventHandler(async (event) => {
  const auth = await requireAuth(event)
  const config = getWebAuthnConfig(event)
  const excludeCredentials = await listCredentialDescriptors(auth.user.id)
  const options = await generateRegistrationOptions({
    rpName: config.rpName,
    rpID: config.rpID,
    userName: auth.user.username,
    userDisplayName: auth.user.fullName,
    userID: Buffer.from(auth.user.id),
    excludeCredentials,
    authenticatorSelection: {
      residentKey: 'required',
      userVerification: 'preferred'
    },
    preferredAuthenticatorType: 'localDevice'
  })

  await storeRegistrationChallenge(auth.user.id, options.challenge)

  return {
    options
  }
})