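import { type NextRequest, NextResponse } from "next/server";
import { neonAuth } from "@/lib/auth/server";
import { prisma } from "@/lib/prisma";

// MIGRATED: Removed "export const dynamic = 'force-dynamic'" - dynamic by default with Cache Components

/** Subset of user columns exposed to company admins by GET. */
interface UserBasicInfo {
  id: string;
  email: string;
  name: string | null;
  role: string;
}

/** Validated shape of a POST /api/dashboard/users body. */
interface InviteBody {
  email: string;
  name: string | null;
  role: string;
}

/** Upper bound on an e-mail address (RFC 5321 path length); also caps DB lookups on junk input. */
const MAX_EMAIL_LENGTH = 254;

/**
 * Authenticate the caller and resolve their company membership from OUR user
 * table (the session alone is never trusted for authorization).
 *
 * Shared by both handlers so the authz rules cannot drift apart.
 *
 * @returns `{ ok: true, companyId, email }` for a company ADMIN, otherwise
 *   `{ ok: false, response }` holding the error response to return:
 *   401 when unauthenticated or not mapped to a company, 403 when the
 *   caller is not an ADMIN.
 */
async function requireCompanyAdmin() {
  const { session: authSession, user: authUser } = await neonAuth();
  if (!authSession || !authUser?.email) {
    return {
      ok: false as const,
      response: NextResponse.json({ error: "Unauthorized" }, { status: 401 }),
    };
  }

  // Look up user in our database to get companyId and role
  const user = await prisma.user.findUnique({
    where: { email: authUser.email },
    select: { companyId: true, role: true, email: true },
  });
  if (!user || !user.companyId) {
    return {
      ok: false as const,
      response: NextResponse.json(
        { error: "User not found or no company" },
        { status: 401 }
      ),
    };
  }

  // Check for admin role
  if (user.role !== "ADMIN") {
    return {
      ok: false as const,
      response: NextResponse.json({ error: "Forbidden" }, { status: 403 }),
    };
  }

  return { ok: true as const, companyId: user.companyId, email: user.email };
}

/**
 * Validate an untrusted JSON body for POST.
 *
 * Previously `email`, `name` and `role` were forwarded to Prisma unchecked, so
 * a non-string value (object, number, array) surfaced as an unhandled 500 and
 * surrounding whitespace in the address was persisted verbatim.
 *
 * @returns the normalised body, or an error message suitable for a 400.
 */
function parseInviteBody(
  body: unknown
): { ok: true; value: InviteBody } | { ok: false; error: string } {
  if (typeof body !== "object" || body === null || Array.isArray(body)) {
    return { ok: false, error: "Missing fields" };
  }
  const { email, name, role } = body as {
    email?: unknown;
    name?: unknown;
    role?: unknown;
  };

  // Same "missing" semantics as before: absent, null or empty string.
  if (!email || !role) {
    return { ok: false, error: "Missing fields" };
  }
  if (typeof email !== "string" || typeof role !== "string") {
    return { ok: false, error: "Invalid fields" };
  }

  const trimmedEmail = email.trim();
  // Minimal sanity check only; real deliverability is proven when the invitee
  // signs up via Neon Auth with this exact address.
  if (
    trimmedEmail.length === 0 ||
    trimmedEmail.length > MAX_EMAIL_LENGTH ||
    !trimmedEmail.includes("@")
  ) {
    return { ok: false, error: "Invalid fields" };
  }
  // NOTE(review): no case-folding here - confirm how Neon Auth normalises
  // e-mail addresses before adding it, otherwise the invite row and the
  // sign-up address may never match and the invitee is stranded.

  // TODO(review): check `role` against the application's Role allowlist/enum.
  // Prisma rejects unknown enum values with a 500; a free-text column would
  // accept anything, including privilege levels this route should never grant.
  const trimmedRole = role.trim();
  if (trimmedRole.length === 0) {
    return { ok: false, error: "Invalid fields" };
  }

  // `name || null` semantics preserved: empty string and null/undefined -> null.
  let normalisedName: string | null = null;
  if (name !== undefined && name !== null && name !== "") {
    if (typeof name !== "string") {
      return { ok: false, error: "Invalid fields" };
    }
    normalisedName = name;
  }

  return {
    ok: true,
    value: { email: trimmedEmail, name: normalisedName, role: trimmedRole },
  };
}

/**
 * True when `err` is a Prisma unique-constraint violation (error code P2002).
 *
 * Checked structurally so this file does not need to import the Prisma error
 * class; the `code` property is what Prisma's KnownRequestError exposes.
 */
function isUniqueViolation(err: unknown): boolean {
  return (
    typeof err === "object" &&
    err !== null &&
    "code" in err &&
    (err as { code?: unknown }).code === "P2002"
  );
}

/**
 * GET /api/dashboard/users
 * List the users of the caller's company. Requires a company ADMIN.
 *
 * Responses: 200 `{ users: UserBasicInfo[] }`, 401, 403.
 */
export async function GET(_request: NextRequest): Promise<NextResponse> {
  const auth = await requireCompanyAdmin();
  if (!auth.ok) return auth.response;

  // Tenant scoping: only rows for the caller's own company are ever read.
  // `select` keeps credential/token columns out of the query result even if
  // the User model grows; the response shape is fixed by UserBasicInfo.
  const users = await prisma.user.findMany({
    where: { companyId: auth.companyId },
    select: { id: true, email: true, name: true, role: true },
  });

  const mappedUsers: UserBasicInfo[] = users.map((u) => ({
    id: u.id,
    email: u.email,
    name: u.name,
    role: u.role,
  }));

  return NextResponse.json({ users: mappedUsers });
}

/**
 * POST /api/dashboard/users
 * Invite a new user to the company (creates a placeholder record)
 * The user will need to sign up via Neon Auth using the same email
 *
 * Responses: 200 `{ ok: true, message }`, 400 (malformed/invalid body),
 * 401, 403, 409 (address already has a user record).
 */
export async function POST(request: NextRequest): Promise<NextResponse> {
  const auth = await requireCompanyAdmin();
  if (!auth.ok) return auth.response;

  // A malformed JSON body used to escape as an unhandled 500.
  let rawBody: unknown;
  try {
    rawBody = await request.json();
  } catch {
    return NextResponse.json({ error: "Invalid JSON body" }, { status: 400 });
  }

  const parsed = parseInviteBody(rawBody);
  if (!parsed.ok) {
    return NextResponse.json({ error: parsed.error }, { status: 400 });
  }
  const { email, name, role } = parsed.value;

  // NOTE: this pre-check is racy (two concurrent invites for the same address
  // can both pass it); the unique index on `email` is the real guard and a
  // P2002 from create() is mapped to the same 409 below. It also tells an
  // admin whether an address has an account at *any* company - inherent to a
  // globally unique e-mail column, but worth being aware of.
  const exists = await prisma.user.findUnique({
    where: { email },
    select: { id: true },
  });
  if (exists) {
    return NextResponse.json(
      { error: "Email already exists" },
      { status: 409 }
    );
  }

  // Create user record (they'll complete signup via Neon Auth).
  // companyId comes from the caller's own row, never from the request, so an
  // admin cannot invite into another tenant.
  try {
    await prisma.user.create({
      data: {
        email,
        name,
        companyId: auth.companyId,
        role,
        invitedBy: auth.email,
        invitedAt: new Date(),
      },
    });
  } catch (err: unknown) {
    if (isUniqueViolation(err)) {
      return NextResponse.json(
        { error: "Email already exists" },
        { status: 409 }
      );
    }
    throw err;
  }

  // TODO: Send invitation email with sign-up link
  return NextResponse.json({
    ok: true,
    message: "User invited. They should sign up at /auth/sign-up with this email.",
  });
}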