import { NextRequest, NextResponse } from 'next/server';
import { createClient, getSupabaseAdmin } from '@/lib/supabase/server';

const CEO_PIN = '5050';

/**
 * GET /api/faq - Get published FAQ entries (public)
 * With x-ceo-pin header: returns all entries including unpublished
 */
export async function GET(request: NextRequest) {
  try {
    const pin = request.headers.get('x-ceo-pin') || new URL(request.url).searchParams.get('pin');
    const isAdmin = pin === CEO_PIN;

    const client = isAdmin ? getSupabaseAdmin() : await createClient();

    let query = client
      .from('faq_entries')
      .select('*')
      .order('category')
      .order('sort_order', { ascending: true });

    if (!isAdmin) {
      query = query.eq('published', true);
    }

    const { data, error } = await query;

    if (error) {
      console.error('FAQ fetch error:', error);
      return NextResponse.json({ error: 'Failed to fetch FAQs' }, { status: 500 });
    }

    // Group by category
    const grouped: Record<string, typeof data> = { worker: [], contractor: [], general: [] };
    for (const entry of data || []) {
      if (grouped[entry.category]) {
        grouped[entry.category].push(entry);
      }
    }

    return NextResponse.json({ data: grouped });
  } catch (err) {
    console.error('FAQ GET error:', err);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}

/**
 * POST /api/faq - Create a new FAQ entry (admin only)
 */
export async function POST(request: NextRequest) {
  try {
    const pin = request.headers.get('x-ceo-pin');
    if (pin !== CEO_PIN) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const body = await request.json();
    const { category, question, answer, sort_order, published } = body;

    if (!category || !question?.trim() || !answer?.trim()) {
      return NextResponse.json({ error: 'Category, question, and answer required' }, { status: 400 });
    }

    if (!['worker', 'contractor', 'general'].includes(category)) {
      return NextResponse.json({ error: 'Invalid category' }, { status: 400 });
    }

    const admin = getSupabaseAdmin();
    const { data, error } = await admin
      .from('faq_entries')
      .insert({
        category,
        question: question.trim(),
        answer: answer.trim(),
        sort_order: sort_order ?? 99,
        published: published ?? true,
      })
      .select()
      .single();

    if (error) {
      console.error('FAQ insert error:', error);
      return NextResponse.json({ error: 'Failed to create FAQ' }, { status: 500 });
    }

    return NextResponse.json({ data }, { status: 201 });
  } catch (err) {
    console.error('FAQ POST error:', err);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}

/**
 * PATCH /api/faq - Update a FAQ entry (admin only)
 */
export async function PATCH(request: NextRequest) {
  try {
    const pin = request.headers.get('x-ceo-pin');
    if (pin !== CEO_PIN) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const body = await request.json();
    const { id, question, answer, sort_order, published, category } = body;

    if (!id) {
      return NextResponse.json({ error: 'id required' }, { status: 400 });
    }

    const updates: Record<string, unknown> = {};
    if (question !== undefined) updates.question = question.trim();
    if (answer !== undefined) updates.answer = answer.trim();
    if (sort_order !== undefined) updates.sort_order = sort_order;
    if (published !== undefined) updates.published = published;
    if (category !== undefined) updates.category = category;

    if (Object.keys(updates).length === 0) {
      return NextResponse.json({ error: 'No updates' }, { status: 400 });
    }

    const admin = getSupabaseAdmin();
    const { data, error } = await admin
      .from('faq_entries')
      .update(updates)
      .eq('id', id)
      .select()
      .single();

    if (error) {
      console.error('FAQ update error:', error);
      return NextResponse.json({ error: 'Failed to update FAQ' }, { status: 500 });
    }

    return NextResponse.json({ data });
  } catch (err) {
    console.error('FAQ PATCH error:', err);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}

/**
 * DELETE /api/faq - Delete a FAQ entry (admin only)
 */
export async function DELETE(request: NextRequest) {
  try {
    const pin = request.headers.get('x-ceo-pin');
    if (pin !== CEO_PIN) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const { id } = await request.json();
    if (!id) {
      return NextResponse.json({ error: 'id required' }, { status: 400 });
    }

    const admin = getSupabaseAdmin();
    const { error } = await admin
      .from('faq_entries')
      .delete()
      .eq('id', id);

    if (error) {
      console.error('FAQ delete error:', error);
      return NextResponse.json({ error: 'Failed to delete FAQ' }, { status: 500 });
    }

    return NextResponse.json({ success: true });
  } catch (err) {
    console.error('FAQ DELETE error:', err);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}
