// @ts-check
import { test, expect } from '@playwright/test';
import { loadTestUser } from '../utils/testUser.js';

test.describe('@p0 Support — burst rate limit', () => {
  test.setTimeout(20000);

  test('rapid submissions eventually return 429 Too Many Requests', async ({ page }) => {
    const user = loadTestUser();
    const stamp = new Date().toISOString().replace(/[-:TZ.]/g, '');

    // 1) Sign in to get an auth cookie (support requires auth)
    await page.context().clearCookies();
    await page.goto('/signin', { waitUntil: 'networkidle' });
    await page.getByPlaceholder('Username', { exact: true }).fill(user.username);
    await page.getByPlaceholder('Password', { exact: true }).fill(user.password);
    await page.getByRole('button', { name: /^Sign In$/ }).click();
    await page.waitForURL('**/signin-landing**', { timeout: 15000 });

    // 2) Fire a small burst of requests to /api/support
    //    (Assumption: burst limiter threshold < 10 in your config)
    const tries = 12;
    const statuses = [];
    for (let i = 0; i < tries; i++) {
      const resp = await page.request.post('/api/support', {
        data: {
          subject: `E2E rate limit test ${stamp} #${i}`,
          message: `Automated burst ${i} at ${new Date().toISOString()} — please ignore.`,
        },
      }).catch(() => null);

      const code = resp ? resp.status() : 0;
      statuses.push(code);

      // Small pacing to keep the server from batching writes too tightly
      await page.waitForTimeout(100);

      // Fast-exit if we already hit the limiter
      if (code === 429) break;
    }

    // Log for report
    console.log('support burst statuses:', statuses.join(', '));

    // 3) Expect at least one 429 Too Many Requests in the burst
    expect(statuses.some((s) => s === 429)).toBeTruthy();
  });
});