// app/api/auth/login/route.ts
import prisma from "@/lib/prisma";
import { NextResponse } from "next/server";
import { randomOTP } from "../_lib/randomOTP";
import { cookies } from "next/headers";

export async function POST(req: Request) {
  if (req.method !== "POST") {
    return NextResponse.json(
      { success: false, message: "Method Not Allowed" },
      { status: 405 }
    );
  }

  try {
    const { nomor } = await req.json();

    if (!nomor || typeof nomor !== "string") {
      return NextResponse.json(
        { success: false, message: "Nomor tidak valid" },
        { status: 400 }
      );
    }

    const existingUser = await prisma.user.findUnique({
      where: { nomor },
      select: { id: true, isActive: true },
    });

    const isRegistered = !!existingUser;

    if (isRegistered) {
      const codeOtp = randomOTP();
      const otpNumber = Number(codeOtp);

      console.log(`🔑 DEBUG OTP [${nomor}]: ${codeOtp}`);

      const waMessage = `Website Desa Darmasaba - Kode ini bersifat RAHASIA dan JANGAN DI BAGIKAN KEPADA SIAPAPUN, termasuk anggota ataupun Admin lainnya.\n\n>> Kode OTP anda: ${codeOtp}.`;
      const waUrl = `https://wa.wibudev.com/code?nom=${encodeURIComponent(nomor)}&text=${encodeURIComponent(waMessage)}`;
      
      console.log("🔍 Debug WA URL:", waUrl); 
      
      try {
        const res = await fetch(waUrl);
        if (!res.ok) {
           const errorText = await res.text();
           console.error(`⚠️ WA Service HTTP Error: ${res.status} ${res.statusText}. Continuing since OTP is logged.`);
           console.log(`💡 Use this OTP to login: ${codeOtp}`);
        } else {
          const sendWa = await res.json();
          console.log("📱 WA Response:", sendWa);
          if (sendWa.status !== "success") {
            console.error("⚠️ WA Service Logic Error:", sendWa);
          }
        }
      } catch (waError: any) {
        console.error("⚠️ WA Connection Exception. Continuing since OTP is logged.", waError.message);
      }

      const createOtpId = await prisma.kodeOtp.create({
        data: { nomor, otp: otpNumber, isActive: true },
      });

      const cookieStore = await cookies();
      cookieStore.set('auth_flow', 'login', {
        httpOnly: true,
        secure: process.env.NODE_ENV === 'production',
        sameSite: 'lax',
        maxAge: 60 * 5, // 5 menit
        path: '/'
      });

      return NextResponse.json({
        success: true,
        message: "Kode verifikasi dikirim",
        kodeId: createOtpId.id,
        isRegistered: true,
      });
    } else {
      return NextResponse.json({
        success: true,
        message: "Nomor belum terdaftar",
        isRegistered: false,
      });
    }
  } catch (error) {
    console.error("❌ Error Login:", error);
    return NextResponse.json(
      { success: false, message: "Terjadi kesalahan saat login" },
      { status: 500 }
    );
  } finally {
    await prisma.$disconnect();
  }
}