import { NextRequest, NextResponse } from 'next/server'
import { db } from '@/lib/db'
import { requireAuth } from '@/lib/api-auth'
import { hashPassword } from '@/lib/auth'
import { sendUserCreatedEmail } from '@/lib/email'

export async function GET(request: NextRequest) {
  try {
    const authResult = await requireAuth(['ADMIN'])(request)
    if ('error' in authResult) return authResult.error

    const managers = await db.user.findMany({
      where: { role: 'MANAGER' },
      select: {
        id: true,
        email: true,
        name: true,
        phone: true,
        role: true,
        isActive: true,
        createdAt: true,
      },
      orderBy: { name: 'asc' },
    })

    return NextResponse.json({ managers })
  } catch (error) {
    console.error('Error:', error)
    return NextResponse.json(
      { error: 'Error interno del servidor' },
      { status: 500 }
    )
  }
}

export async function POST(request: NextRequest) {
  try {
    const authResult = await requireAuth(['ADMIN'])(request)
    if ('error' in authResult) return authResult.error

    const body = await request.json()

    if (!body.email || !body.name || !body.password) {
      return NextResponse.json(
        { error: 'Email, nombre y contraseña son requeridos' },
        { status: 400 }
      )
    }

    const existing = await db.user.findUnique({ where: { email: body.email } })
    if (existing) {
      return NextResponse.json(
        { error: 'El email ya está registrado' },
        { status: 409 }
      )
    }

    const passwordHash = await hashPassword(body.password)
    const manager = await db.user.create({
      data: {
        email: body.email.trim(),
        name: body.name.trim(),
        phone: body.phone?.trim() || null,
        passwordHash,
        role: 'MANAGER',
      },
      select: {
        id: true,
        email: true,
        name: true,
        phone: true,
        role: true,
        isActive: true,
      },
    })

    // Send welcome email (non-blocking, don't fail if email fails)
    sendUserCreatedEmail({
      to: manager.email,
      name: manager.name,
      password: body.password,
      role: 'MANAGER',
    }).catch((err) => {
      console.error('Failed to send welcome email:', err)
    })

    return NextResponse.json({ manager }, { status: 201 })
  } catch (error) {
    console.error('Error:', error)
    return NextResponse.json(
      { error: 'Error interno del servidor' },
      { status: 500 }
    )
  }
}
