import prismadb from "@/lib/prismadb";
import { auth } from '@clerk/nextjs/server'
import { NextResponse } from "next/server";

// GET a user by ID
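/**
 * Returns the signed-in user's own record together with its related
 * addresses, cart items and transactions.
 *
 * Responses: 401 when there is no authenticated session, 400 when the route
 * has no userId, 403 when the requested id is not the caller's own id,
 * 404 when no row matches, 500 on any thrown error.
 */
export async function GET(
    req: Request,
    { params }: { params: { userId: string } }
) {
    try {
        const { userId: authUserId } = auth();

        if (!authUserId) {
            return new NextResponse("Unauthenticated", { status: 401 });
        }

        if (!params.userId) {
            return new NextResponse("User ID is required", { status: 400 });
        }

        // The payload includes addresses, cart items and transactions, so it is
        // restricted to the account owner using the same ownership rule as
        // PATCH and DELETE in this file. Access on behalf of other users
        // (e.g. an admin view) needs an explicit role check added here.
        if (params.userId !== authUserId) {
            return new NextResponse("Unauthorized", { status: 403 });
        }

        const user = await prismadb.user.findUnique({
            where: {
                id: params.userId,
            },
            include: {
                useraddress: true,
                cartitem: true,
                userTransaction: true,
            },
        });

        if (!user) {
            return new NextResponse("User not found", { status: 404 });
        }

        // NOTE(review): the whole row is serialized; if the user model holds
        // fields that should not leave the server, switch to an explicit `select`.
        return NextResponse.json(user);
    } catch (error) {
        console.log('[USER_GET]', error);
        return new NextResponse("Internal server error", { status: 500 });
    }
}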

// PATCH (update) a user
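/**
 * Updates firstName, lastName and/or email on the caller's own user record.
 *
 * Authentication and ownership are checked before the request body is read,
 * so an unauthenticated request never reaches JSON parsing or the database.
 * Only the three listed fields are copied from the body; any other key the
 * client sends is ignored.
 *
 * Responses: 401 unauthenticated, 400 missing userId / malformed JSON /
 * wrong field type, 403 when the id is not the caller's own, 500 on any
 * other thrown error.
 */
export async function PATCH(
    req: Request,
    { params }: { params: { userId: string } }
) {
    try {
        const { userId: authUserId } = auth();

        if (!authUserId) {
            return new NextResponse("Unauthenticated", { status: 401 });
        }

        if (!params.userId) {
            return new NextResponse("User ID is required", { status: 400 });
        }

        // Check if the user is updating their own account
        if (params.userId !== authUserId) {
            return new NextResponse("Unauthorized", { status: 403 });
        }

        // A malformed body is a client error, not a server failure.
        let body: unknown;
        try {
            body = await req.json();
        } catch {
            return new NextResponse("Invalid JSON body", { status: 400 });
        }

        if (typeof body !== "object" || body === null || Array.isArray(body)) {
            return new NextResponse("Invalid request body", { status: 400 });
        }

        const { firstName, lastName, email } = body as Record<string, unknown>;

        // Each field is optional, but when present it must be a string; other
        // shapes (objects, arrays, numbers) are rejected instead of being
        // handed to the database client.
        const isOptionalString = (value: unknown): value is string | undefined =>
            value === undefined || typeof value === "string";

        if (
            !isOptionalString(firstName) ||
            !isOptionalString(lastName) ||
            !isOptionalString(email)
        ) {
            return new NextResponse("Invalid field type", { status: 400 });
        }

        // NOTE(review): email is stored exactly as supplied. If this column is
        // relied on for notifications or account recovery, confirm it is
        // verified or kept in sync with the identity provider.
        const updatedUser = await prismadb.user.update({
            where: {
                id: params.userId,
            },
            data: {
                firstName,
                lastName,
                email,
            },
        });

        return NextResponse.json(updatedUser);
    } catch (error) {
        console.log('[USER_PATCH]', error);
        return new NextResponse("Internal server error", { status: 500 });
    }
}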

// DELETE a user
/**
 * Deletes the caller's own user record and returns the deleted row as JSON.
 *
 * Responses: 401 when there is no authenticated session, 400 when the route
 * has no userId, 403 when the id is not the caller's own, 500 on any thrown
 * error (including a failure raised by the delete call itself).
 */
export async function DELETE(
    req: Request,
    { params }: { params: { userId: string } }
) {
    try {
        const callerId = auth().userId;
        if (!callerId) {
            return new NextResponse("Unauthenticated", { status: 401 });
        }

        const targetId = params.userId;
        if (!targetId) {
            return new NextResponse("User ID is required", { status: 400 });
        }

        // Only the account owner may delete; no admin override exists here.
        const isOwner = targetId === callerId;
        if (!isOwner) {
            return new NextResponse("Unauthorized", { status: 403 });
        }

        const removed = await prismadb.user.delete({ where: { id: targetId } });
        return NextResponse.json(removed);
    } catch (err) {
        console.log('[USER_DELETE]', err);
        return new NextResponse("Internal server error", { status: 500 });
    }
}
