import { NextRequest, NextResponse } from 'next/server';

import { LoginData } from '@/entities/auth/model/types';

export const GET = async (req: NextRequest) => {
  if (req.method !== 'GET') {
    return NextResponse.json(
      { error: 'Method is not supported' },
      { status: 405 },
    );
  }

  const { searchParams } = req.nextUrl;

  const phoneNumber = searchParams.get('phoneNumber');
  const cardNumber = searchParams.get('cardNumber');
  const type = searchParams.get('type');

  if (!phoneNumber || !cardNumber || !type) {
    return NextResponse.json({ error: 'Bad request' }, { status: 400 });
  }

  try {
    const loginRes = await fetch(
      `https://test.oriyo.tj/api/client/login?type=${type}&phone=${phoneNumber}&uid=${cardNumber}`,
      {
        method: 'GET',
      },
    );

    if (!loginRes.ok) {
      return NextResponse.json(
        { error: 'Error during login' },
        { status: 400 },
      );
    }

    const data = (await loginRes.json()) as LoginData;

    const token = data.token;
    if (!token) {
      return NextResponse.json({ error: 'No auth token' }, { status: 401 });
    }

    const response = NextResponse.json({ success: true });

    response.cookies.set('token', token, {
      httpOnly: true,
      path: '/',
      maxAge: 2 * 60 * 60,
      secure: process.env.NODE_ENV === 'production',
    });

    return response;
  } catch (error) {
    console.error('login error:', error);
    return NextResponse.json({ error: 'Server error' }, { status: 500 });
  }
};