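import { validateSession } from '@/lib/auth/validateSession';
import { supabaseServiceRole } from '@/lib/supabase';
import type { APIRoute } from 'astro';

// Allowlists for caller-supplied path components. The formats are an assumption
// (UUID-like IDs, plain alphanumeric extensions). The service-role client
// bypasses RLS, so this handler alone confines uploads to the caller's folder.
const SAFE_ID = /^[A-Za-z0-9_-]{1,128}$/;
const SAFE_EXT = /^[A-Za-z0-9]{1,10}$/;

export const POST: APIRoute = async ({ request }) => {
  const headers = { 'Content-Type': 'application/json' };

  // Reject unauthenticated callers before touching storage.
  const session = await validateSession(request.headers.get('Authorization'));
  if (!session.valid) {
    return new Response(JSON.stringify({ success: false, message: session.error }), {
      status: 401,
      headers,
    });
  }

  if (!supabaseServiceRole) {
    return new Response(JSON.stringify({ success: false, message: 'Service unavailable' }), {
      status: 503,
      headers,
    });
  }

  try {
    const { localId, ext } = await request.json();
    if (!localId) {
      return new Response(JSON.stringify({ success: false, message: 'localId required' }), {
        status: 400,
        headers,
      });
    }

    const extension = ext || 'jpg';

    // Both values end up in the object key: refuse non-strings, path
    // separators and dot segments instead of interpolating them.
    if (
      typeof localId !== 'string' ||
      typeof extension !== 'string' ||
      !SAFE_ID.test(localId) ||
      !SAFE_EXT.test(extension)
    ) {
      return new Response(JSON.stringify({ success: false, message: 'Invalid localId or ext' }), {
        status: 400,
        headers,
      });
    }

    // The prefix comes from the validated session, never from the request body.
    const path = `${session.profileId}/${localId}.${extension}`;

    const { data, error } = await supabaseServiceRole.storage
      .from('user_camera_photos')
      .createSignedUploadUrl(path, { upsert: true });

    if (error || !data) {
      return new Response(
        JSON.stringify({
          success: false,
          message: error?.message || 'Failed to create signed URL',
        }),
        { status: 500, headers }
      );
    }

    return new Response(
      JSON.stringify({
        success: true,
        signedUrl: data.signedUrl,
        token: data.token,
        path,
      }),
      { status: 200, headers }
    );
  } catch {
    // Malformed JSON bodies and unexpected failures get a generic error.
    return new Response(JSON.stringify({ success: false, message: 'Internal server error' }), {
      status: 500,
      headers,
    });
  }
};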