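import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
import { jwtVerify } from 'jose';
import pool from '@/lib/db';

/**
 * Auth-check route handler: resolves the caller's user record from the
 * `token` cookie.
 *
 * Flow: read the `token` cookie, verify it as a JWT against `JWT_SECRET`,
 * then load the user row whose `id_user` matches the token's `id` claim.
 * The returned `role` comes from the database row, not from token claims.
 *
 * @returns
 *   - 200 `{ user: { id, nim, username, role } }` on success;
 *   - 401 `{ error: 'Unauthorized' }` when the cookie is missing, the token
 *     fails verification, the `id` claim is unusable, or any other error is
 *     thrown inside the handler (this includes database errors);
 *   - 404 `{ error: 'User not found' }` when no row matches the `id` claim;
 *   - 500 `{ error: 'Internal server error' }` when `JWT_SECRET` is not set.
 */
export async function GET() {
  let connection;
  try {
    const cookieStore = await cookies();
    const token = cookieStore.get('token')?.value;
    if (!token) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // Fail closed when the signing secret is missing. A default value that
    // ships in source control is not a secret: any token signed with it would
    // pass verification, so there is deliberately no fallback here.
    const secret = process.env.JWT_SECRET;
    if (!secret) {
      console.error('Auth check error: JWT_SECRET is not set');
      return NextResponse.json(
        { error: 'Internal server error' },
        { status: 500 }
      );
    }

    // Verify signature and standard claims; jwtVerify throws on failure and
    // the catch below turns that into a 401.
    // NOTE(review): no `algorithms` option is passed; consider pinning it to
    // the algorithm the token issuer uses (confirm against the signing code).
    const { payload } = await jwtVerify(
      token,
      new TextEncoder().encode(secret)
    );

    // `id` is a custom claim and is typed `unknown`; only a scalar is a
    // meaningful bind value for the lookup below.
    const userId = payload.id;
    if (typeof userId !== 'string' && typeof userId !== 'number') {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    connection = await pool.getConnection();

    // Placeholder query: the claim value is bound, never concatenated.
    const [rows]: any = await connection.execute(
      'SELECT id_user, nim, username, role FROM user WHERE id_user = ?',
      [userId]
    );

    if (rows.length === 0) {
      return NextResponse.json({ error: 'User not found' }, { status: 404 });
    }

    const user = rows[0];
    return NextResponse.json({
      user: {
        id: user.id_user,
        nim: user.nim,
        username: user.username,
        role: user.role
      }
    });
  } catch (error) {
    // Details go to the server log only; the client gets a generic 401.
    console.error('Auth check error:', error);
    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
  } finally {
    // Single release point: runs on every exit path once a connection was
    // obtained, so it is returned to the pool exactly once.
    if (connection) {
      connection.release();
    }
  }
}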