import { auth } from "@/lib/auth";
import {
  getAllSettings,
  saveSetting,
  checkIntegrationStatus,
  SETTINGS_CONFIG,
  type SettingKey,
} from "@/lib/settings";

export async function GET(request: Request) {
  const session = await auth();
  if (!session) return new Response("Unauthorized", { status: 401 });

  const { searchParams } = new URL(request.url);
  const includeStatus = searchParams.get("status") === "true";

  const settings = await getAllSettings();

  // Mask secret values for display
  const masked: Record<string, string> = {};
  for (const [key, value] of Object.entries(settings)) {
    const config = SETTINGS_CONFIG[key as SettingKey];
    if (config && "secret" in config && config.secret && value) {
      masked[key] = value.slice(0, 4) + "..." + value.slice(-4);
    } else {
      masked[key] = value;
    }
  }

  const result: Record<string, unknown> = { settings: masked };

  if (includeStatus) {
    result.status = await checkIntegrationStatus();
  }

  return Response.json(result);
}

export async function PUT(request: Request) {
  const session = await auth();
  if (!session) return new Response("Unauthorized", { status: 401 });

  const body = await request.json();
  const { key, value } = body;

  if (!key || typeof value !== "string") {
    return Response.json({ error: "key and value required" }, { status: 400 });
  }

  if (!(key in SETTINGS_CONFIG)) {
    return Response.json({ error: "Invalid setting key" }, { status: 400 });
  }

  await saveSetting(key as SettingKey, value);

  return Response.json({ ok: true });
}