import { createClient } from '@supabase/supabase-js';

import * as z from 'zod';

import {
  apiError,
  apiSuccess,
  emailSchema,
  requiredString,
} from '@kit/next/route-helpers';
import { getLogger } from '@kit/shared/logger';

const NewsletterSchema = z.object({
  accountId: requiredString('accountId'),
  email: emailSchema,
  name: z.string().optional(),
});

export async function POST(request: Request) {
  const logger = await getLogger();

  try {
    const body = await request.json();
    const parsed = NewsletterSchema.safeParse(body);

    if (!parsed.success) {
      return apiError(parsed.error.issues[0]?.message ?? 'Ungültige Eingabe');
    }

    const { accountId, email, name } = parsed.data;

    const supabase = createClient(
      process.env.NEXT_PUBLIC_SUPABASE_URL!,
      process.env.SUPABASE_SERVICE_ROLE_KEY ||
        process.env.NEXT_PUBLIC_SUPABASE_PUBLIC_KEY!,
    );

    const token = crypto.randomUUID();
    const { error } = await supabase.from('newsletter_subscriptions').upsert(
      {
        account_id: accountId,
        email,
        name: name || null,
        confirmation_token: token,
        is_active: true,
      },
      { onConflict: 'account_id,email' },
    );

    if (error) {
      logger.error(
        { error, context: 'newsletter-subscription' },
        '[newsletter] Subscription error',
      );
      return apiError('Anmeldung fehlgeschlagen', 500);
    }

    return apiSuccess({ message: 'Erfolgreich angemeldet' });
  } catch (err) {
    logger.error({ error: err, context: 'newsletter' }, '[newsletter] Error');
    return apiError('Serverfehler', 500);
  }
}