import { NextResponse } from "next/server";
import { isNonEmptyString } from "@/lib/apiUtils";
import { getAuthToken } from "@/lib/auth";

const MEDUSA_URL = process.env.MEDUSA_URL ?? process.env.NEXT_PUBLIC_MEDUSA_URL ?? "http://localhost:9000";
const API_KEY = process.env.MEDUSA_PUBLISHABLE_KEY ?? process.env.NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY ?? "";

// GET /api/checkout/downloads?orderId=xxx
export async function GET(request: Request) {
  const token = await getAuthToken();
  if (!token) {
    return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
  }

  const { searchParams } = new URL(request.url);
  const orderId = searchParams.get("orderId");

  if (!isNonEmptyString(orderId)) {
    return NextResponse.json({ error: "Missing orderId" }, { status: 400 });
  }

  try {
    const res = await fetch(
      `${MEDUSA_URL}/store/order-downloads?order_id=${encodeURIComponent(orderId)}`,
      {
        headers: {
          "x-publishable-api-key": API_KEY,
          Authorization: `Bearer ${token}`,
        },
      },
    );

    if (!res.ok) {
      console.error("[downloads]", `Medusa returned ${res.status} for order ${orderId}`);
      return NextResponse.json(
        { error: "Failed to fetch downloads" },
        { status: res.status >= 400 && res.status < 500 ? res.status : 500 },
      );
    }

    const data = await res.json();
    return NextResponse.json(data);
  } catch (e) {
    console.error("[downloads]", (e as Error).message);
    return NextResponse.json({ error: "Failed to fetch downloads" }, { status: 500 });
  }
}