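import { NextResponse } from "next/server";
import { createPaymentCollection, initPaymentSession } from "@/lib/medusa";
import {
  parseBody,
  isNonEmptyString,
  isValidMedusaId,
  badRequest,
  checkCsrf,
} from "@/lib/apiUtils";

// Provider used when the request does not name one.
const DEFAULT_PAYMENT_PROVIDER = "pp_mollie-hosted-checkout_mollie";

// Turns a caught value into loggable text. `catch` binds `unknown`, so a
// thrown string or null must not be dereferenced as if it were an Error.
function errorMessage(e: unknown): string {
  return e instanceof Error ? e.message : String(e);
}

/**
 * POST /api/checkout/payment — create a payment collection for a cart, then
 * initialize a payment session on it (Mollie by default).
 *
 * Expects a body with `cartId` and an optional `providerId`.
 *
 * @param request - Incoming request carrying the body described above.
 * @returns The result of `initPaymentSession` as JSON on success; the CSRF
 *   check's own response when that check fails; a bad-request response when
 *   the body or `cartId` is missing or malformed; a 500 JSON error when either
 *   backend call throws.
 */
export async function POST(request: Request) {
  // Reject the request before reading the body if the CSRF check fails.
  const csrfError = await checkCsrf();
  if (csrfError) return csrfError;

  const body = await parseBody<{ cartId?: unknown; providerId?: unknown }>(request);
  if (!body) return badRequest("Invalid request body");

  const { cartId, providerId } = body;

  if (!isNonEmptyString(cartId)) {
    return badRequest("Missing cartId");
  }
  if (!isValidMedusaId(cartId)) {
    return badRequest("Invalid cart ID format");
  }
  // NOTE(review): the format check does not show that the cart belongs to the
  // caller's session. Confirm ownership is enforced here or in the backend.

  // Step 1: Create a payment collection for the cart
  let collection: Awaited<ReturnType<typeof createPaymentCollection>>;
  try {
    collection = await createPaymentCollection(cartId);
  } catch (e: unknown) {
    // Details go to the server log only; the client gets a generic message.
    console.error("[payment:collection]", errorMessage(e));
    return NextResponse.json(
      { error: "Failed to create payment collection" },
      { status: 500 },
    );
  }

  // Step 2: Initialize a payment session with the provider (Mollie)
  try {
    // NOTE(review): providerId comes from the client and is forwarded with no
    // check beyond "non-empty string". If the backend has other providers
    // enabled, the client decides which one handles the payment. Consider an
    // allow-list of the provider ids this storefront is meant to offer.
    const provider = isNonEmptyString(providerId)
      ? providerId
      : DEFAULT_PAYMENT_PROVIDER;
    const updated = await initPaymentSession(collection.id, provider);
    // NOTE(review): the whole backend result is returned to the browser.
    // Confirm it holds no fields the client should not see.
    return NextResponse.json(updated);
  } catch (e: unknown) {
    console.error("[payment:session]", errorMessage(e));
    return NextResponse.json(
      { error: "Failed to initialize payment session" },
      { status: 500 },
    );
  }
}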