import { NextRequest, NextResponse } from 'next/server'
import { getDb } from '@/server/db'
import { USER_AUTH_SQL, USER_AUTH_TABLES } from '@/server/userAuthSql'

const ALLOWED_DEVICES_TABLE = USER_AUTH_TABLES.userAllowedDevices

export async function GET(request: NextRequest) {
    try {
        // TODO: ? session/cookie ??????? ID
        const userId = 'temp_user' // ?????????????

        const db = await getDb()

        const currentSessionId = request.cookies.get('sessionId')?.value || ''

        const devices = await db.all<{
            id: string
            deviceType: string
            deviceName: string
            userAgent: string
            regDate: number
            sessionId: string | null
        }>(
            `SELECT ad.device_id AS id,
                    ad.device_type AS deviceType,
                    ad.device_name AS deviceName,
                    ad.user_agent AS userAgent,
                    ad.register_at AS regDate,
                    ad.session_id AS sessionId
             FROM ${ALLOWED_DEVICES_TABLE} ad
             WHERE ad.user_id = ?
             ORDER BY ad.register_at DESC`,
            [userId]
        )

        return NextResponse.json({
            ok: true,
            devices: devices.map((d) => ({
                id: d.id,
                deviceType: d.deviceType || '-',
                deviceName: d.deviceName || '-',
                userAgent: d.userAgent || '-',
                regDate: d.regDate,
                isSession: d.sessionId === currentSessionId,
            })),
        })
    } catch (error: any) {
        console.error('Failed to fetch my devices:', error)
        return NextResponse.json(
            { ok: false, message: error?.message || 'Failed to fetch my devices' },
            { status: 500 }
        )
    }
}

export async function POST(request: NextRequest) {
    try {
        const body = await request.json()
        const { deviceId } = body

        // TODO: ? session/cookie ??????? ID
        const userId = 'temp_user' // ?????????????

        const db = await getDb()

        const session = await db.get<{
            id: string
            deviceType: string
            deviceName: string
            userAgent: string
        }>(USER_AUTH_SQL.selectSessionForMyDevices, [deviceId, userId])

        if (!session) {
            return NextResponse.json(
                { ok: false, message: 'Session not found' },
                { status: 404 }
            )
        }

        const existing = await db.get<{ id: string }>(
            `SELECT device_id AS id FROM ${ALLOWED_DEVICES_TABLE} WHERE session_id = ? AND user_id = ?`,
            [session.id, userId]
        )

        if (existing) {
            return NextResponse.json({ ok: true })
        }

        const allowedDeviceId = `allowed_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`
        const nowSec = Math.floor(Date.now() / 1000)
        await db.run(
            `INSERT INTO ${ALLOWED_DEVICES_TABLE} (
                device_id, user_id, session_id, device_type, device_name, user_agent, register_at, created_at
             ) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
            [
                allowedDeviceId,
                userId,
                session.id,
                session.deviceType,
                session.deviceName,
                session.userAgent,
                nowSec,
                nowSec,
            ]
        )

        return NextResponse.json({ ok: true })
    } catch (error: any) {
        console.error('Failed to register device:', error)
        return NextResponse.json(
            { ok: false, message: error?.message || 'Failed to register device' },
            { status: 500 }
        )
    }
}

export async function DELETE(request: NextRequest) {
    try {
        const body = await request.json()
        const { deviceId, all } = body

        // TODO: ? session/cookie ??????? ID
        const userId = 'temp_user' // ?????????????

        const db = await getDb()

        if (all) {
            await db.run(
                `DELETE FROM ${ALLOWED_DEVICES_TABLE} WHERE user_id = ?`,
                [userId]
            )
        } else if (deviceId) {
            await db.run(
                `DELETE FROM ${ALLOWED_DEVICES_TABLE} WHERE device_id = ? AND user_id = ?`,
                [deviceId, userId]
            )
        }

        return NextResponse.json({ ok: true })
    } catch (error: any) {
        console.error('Failed to unregister device:', error)
        return NextResponse.json(
            { ok: false, message: error?.message || 'Failed to unregister device' },
            { status: 500 }
        )
    }
}

