import { NextResponse } from "next/server";
import { withAdminAuth } from "@/lib/middleware/auth";
import db from "@/lib/db";

// GET: Get all settings
async function getSettingsHandler() {
	try {
		const settings = db.prepare("SELECT * FROM settings ORDER BY key").all();
		return NextResponse.json(settings);
	} catch (error) {
		console.error("Error fetching settings:", error);
		return NextResponse.json(
			{ error: "Failed to fetch settings" },
			{ status: 500 }
		);
	}
}

// PUT: Update a setting
async function updateSettingHandler(request) {
	try {
		const { key, value } = await request.json();

		if (!key || value === undefined) {
			return NextResponse.json(
				{ error: "Key and value are required" },
				{ status: 400 }
			);
		}

		const updatedBy = request.user.id;

		const stmt = db.prepare(`
			INSERT OR REPLACE INTO settings (key, value, updated_at, updated_by)
			VALUES (?, ?, CURRENT_TIMESTAMP, ?)
		`);

		stmt.run(key, value, updatedBy);

		return NextResponse.json({ success: true });
	} catch (error) {
		console.error("Error updating setting:", error);
		return NextResponse.json(
			{ error: "Failed to update setting" },
			{ status: 500 }
		);
	}
}

// Protected routes - require admin authentication
export const GET = withAdminAuth(getSettingsHandler);
export const PUT = withAdminAuth(updateSettingHandler);