// Force this API route to use Node.js runtime
export const runtime = "nodejs";

import { NextResponse } from "next/server";
import { auth } from "@/lib/auth";
import { getAuditLogStats } from "@/lib/auditLog";

export async function GET(request) {
	try {
		const session = await auth();

		if (!session?.user) {
			return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
		}

		// Only admins and project managers can view audit log statistics
		if (!["admin", "project_manager"].includes(session.user.role)) {
			return NextResponse.json({ error: "Forbidden" }, { status: 403 });
		}

		const { searchParams } = new URL(request.url);

		const filters = {
			startDate: searchParams.get("startDate") || null,
			endDate: searchParams.get("endDate") || null,
		};

		const stats = await getAuditLogStats(filters);

		return NextResponse.json({
			success: true,
			data: stats,
		});
	} catch (error) {
		console.error("Audit log stats API error:", error);
		return NextResponse.json(
			{ error: "Internal server error" },
			{ status: 500 }
		);
	}
}