import { NextRequest, NextResponse } from "next/server";
import { auth } from "@/auth";
import { db } from "@/lib/db";

async function requireAdmin(req: NextRequest) {
  const session = await auth();
  if (!session?.user || (session.user as any).role !== "ADMIN") {
    return null;
  }
  return session;
}

export async function POST(req: NextRequest) {
  const session = await requireAdmin(req);
  if (!session) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }

  const body = await req.json();
  const { titleFr, titleEn, titleEs, descFr, descEn, descEs, slug, category, level, published, thumbnailUrl } = body;

  if (!titleFr || !slug) {
    return NextResponse.json({ error: "Missing required fields" }, { status: 400 });
  }

  try {
    const course = await db.course.create({
      data: {
        titleFr,
        titleEn: titleEn || titleFr,
        titleEs: titleEs || titleFr,
        descFr: descFr || "",
        descEn: descEn || "",
        descEs: descEs || "",
        slug,
        category: category || "OTHER",
        level: level || "BEGINNER",
        published: published || false,
        thumbnailUrl: thumbnailUrl || null,
      },
    });
    return NextResponse.json(course);
  } catch (err: any) {
    if (err.code === "P2002") {
      return NextResponse.json({ error: "Slug already exists" }, { status: 409 });
    }
    return NextResponse.json({ error: "Internal error" }, { status: 500 });
  }
}