import { NextResponse } from "next/server";
import { z } from "zod";
import { prisma } from "@/lib/db";
import { requireAuth } from "@/lib/auth/middleware";

export async function GET(req: Request) {
  const auth = await requireAuth(req);
  if (!auth.ok) return NextResponse.json({ error: "unauthorized" }, { status: auth.status });
  const projects = await prisma.project.findMany({ orderBy: { createdAt: "desc" } });
  return NextResponse.json({ projects });
}

const CreateBody = z.object({
  name: z.string().min(1).max(120),
  path: z.string().min(1),
  source: z.enum(["manual", "auto-scan"]).default("manual"),
  gitRemote: z.string().nullable().optional(),
  branch: z.string().nullable().optional(),
  version: z.string().nullable().optional(),
  lastCommitHash: z.string().nullable().optional(),
  lastCommitMessage: z.string().nullable().optional(),
  lastCommitTime: z.coerce.date().nullable().optional(),
});

export async function POST(req: Request) {
  const auth = await requireAuth(req);
  if (!auth.ok) return NextResponse.json({ error: "unauthorized" }, { status: auth.status });

  let parsed;
  try {
    parsed = CreateBody.safeParse(await req.json());
  } catch {
    return NextResponse.json({ error: "invalid_json" }, { status: 400 });
  }
  if (!parsed.success) return NextResponse.json({ error: "invalid_body", details: parsed.error.format() }, { status: 400 });

  const dup = await prisma.project.findUnique({ where: { name: parsed.data.name } });
  if (dup) return NextResponse.json({ error: "duplicate_name" }, { status: 409 });

  const project = await prisma.project.create({ data: parsed.data });
  return NextResponse.json({ project }, { status: 201 });
}
