(local lib (require :lib))

(fn create-order [db]
  (let [id (_G.must (luna.crypto.random-string 64))]
    (_G.must
     (luna.db.exec
       db "INSERT INTO orders (id, creation_time) VALUES (?, ?)"
       [id (lib.now)]))
    id))

(fn create-order-line [db order-id name quantity]
  (_G.must
    (luna.db.exec
      db
      "INSERT INTO order_lines (order_id, product_name, quantity) VALUES (?, ?, ?)"
      [order-id name quantity])))

(fn render [request db]
  (if (= request.method "POST")
    (do
      (var order-id (lib.order-id request))
      (var headers
       (if (not order-id)
         (do
          (set order-id (create-order db))
          {:Set-Cookie (.. "order= " order-id "; HttpOnly; SameSite=strict"
                           (if luna.debug? "" "; Secure"))})
         {}))

      (if (and order-id request.body)
        (let [body-values (lib.parse-values request.body)]
          (create-order-line db order-id body-values.name body-values.quantity)
          (tset headers :Location "/shop")
          (values 302 headers ""))
        (values 400 {} "bad body")))
    (values 404 {} "not found")))

{: render}