import type { APIRoute } from 'astro'

// POST /api/consent - บันทึก consent
export const POST: APIRoute = async ({ request }) => {
  try {
    const body = await request.json()
    const { session_id, essential, analytics, marketing, functional } = body

    if (!session_id) {
      return new Response(JSON.stringify({ error: 'session_id is required' }), {
        status: 400,
        headers: { 'Content-Type': 'application/json' },
      })
    }

    // Get client info
    const ipAddress = request.headers.get('x-forwarded-for')?.split(',')[0] || 'unknown'
    const userAgent = request.headers.get('user-agent') || 'unknown'

    // Build consent record
    const consentTypes = []
    if (essential) consentTypes.push('essential')
    if (analytics) consentTypes.push('analytics')
    if (marketing) consentTypes.push('marketing')
    if (functional) consentTypes.push('functional')

    // In Payload CMS, you would save this to the consent-logs collection
    // For now, return success (Payload integration happens at build time)
    const record = {
      sessionId: session_id,
      consentType: consentTypes.length === 4 ? 'accept_all' : consentTypes.join(','),
      granted: analytics || marketing || functional,
      ipAddress,
      userAgent,
      metadata: { essential, analytics, marketing, functional },
      createdAt: new Date().toISOString(),
    }

    // Log for debugging (remove in production)
    console.log('[Consent API] New consent record:', JSON.stringify(record))

    return new Response(JSON.stringify({ success: true, record }), {
      status: 200,
      headers: { 'Content-Type': 'application/json' },
    })
  } catch (error) {
    console.error('[Consent API] Error:', error)
    return new Response(JSON.stringify({ error: 'Internal server error' }), {
      status: 500,
      headers: { 'Content-Type': 'application/json' },
    })
  }
}

// GET /api/consent - ตรวจสอบ consent ของ session
export const GET: APIRoute = async ({ request }) => {
  try {
    const url = new URL(request.url)
    const sessionId = url.searchParams.get('session_id')

    if (!sessionId) {
      return new Response(JSON.stringify({ error: 'session_id is required' }), {
        status: 400,
        headers: { 'Content-Type': 'application/json' },
      })
    }

    // In Payload CMS, query the consent-logs collection
    // For now, return not found (Payload integration happens at build time)
    return new Response(JSON.stringify({ error: 'Not implemented in template' }), {
      status: 501,
      headers: { 'Content-Type': 'application/json' },
    })
  } catch (error) {
    console.error('[Consent API] Error:', error)
    return new Response(JSON.stringify({ error: 'Internal server error' }), {
      status: 500,
      headers: { 'Content-Type': 'application/json' },
    })
  }
}