trackevery-day/app/api/auth/route.ts

import { NextRequest, NextResponse } from 'next/server';
import { db, users } from '@/lib/db';
import { generateMemorableToken, isValidToken } from '@/lib/auth/tokens';
import { setTokenCookie, getTokenCookie } from '@/lib/auth/cookies';
import { eq } from 'drizzle-orm';

export async function GET() {
  try {
    // Check if user already has a token
    const existingToken = await getTokenCookie();

    if (existingToken) {
      // Verify token exists in database
      const userRows = await db.select().from(users).where(eq(users.token, existingToken));

      if (userRows.length > 0) {
        const user = userRows[0];
        return NextResponse.json({
          authenticated: true,
          token: existingToken,
          userId: user.id,
        });
      }
    }

    return NextResponse.json({ authenticated: false });
  } catch (error) {
    console.error('Auth check error:', error);
    return NextResponse.json({ authenticated: false }, { status: 500 });
  }
}

export async function POST(request: NextRequest) {
  try {
    const body = (await request.json()) as { action: string; token?: string };
    const { action, token } = body;

    if (action === 'create') {
      // Generate new token and create user
      const newToken = generateMemorableToken();

      const newUserRows = await db
        .insert(users)
        .values({
          token: newToken,
        })
        .returning();

      if (newUserRows.length === 0) {
        throw new Error('Failed to create user');
      }

      const newUser = newUserRows[0];
      await setTokenCookie(newToken);

      return NextResponse.json({
        success: true,
        token: newToken,
        userId: newUser.id,
      });
    }

    if (action === 'login' && token) {
      // Validate token format
      if (!isValidToken(token)) {
        return NextResponse.json(
          {
            success: false,
            error: 'Invalid token format',
          },
          { status: 400 },
        );
      }

      // Check if token exists
      const userRows = await db.select().from(users).where(eq(users.token, token));

      if (userRows.length === 0) {
        return NextResponse.json(
          {
            success: false,
            error: 'Token not found',
          },
          { status: 404 },
        );
      }

      const user = userRows[0];
      await setTokenCookie(token);

      return NextResponse.json({
        success: true,
        token,
        userId: user.id,
      });
    }

    return NextResponse.json(
      {
        success: false,
        error: 'Invalid action',
      },
      { status: 400 },
    );
  } catch (error) {
    console.error('Auth error:', error);
    return NextResponse.json(
      {
        success: false,
        error: 'Internal server error',
      },
      { status: 500 },
    );
  }
}