import { NextResponse } from "next/server"
import { createSupabaseServerClient } from "@/lib/supabase/server"
import { checkBotId } from "botid/server"

const MAX_NOTE_LENGTH = 1000

export async function DELETE(
  _request: Request,
  { params }: { params: Promise<{ token: string }> }
) {
  const botVerification = await checkBotId()
  if (botVerification.isBot) {
    return NextResponse.json({ error: "access denied" }, { status: 403 })
  }

  const supabaseClient = await createSupabaseServerClient()
  const {
    data: { user },
  } = await supabaseClient.auth.getUser()

  if (!user) {
    return NextResponse.json({ error: "not authenticated" }, { status: 401 })
  }

  const { token } = await params

  const { error } = await supabaseClient
    .from("shared_entries")
    .delete()
    .eq("share_token", token)
    .eq("user_id", user.id)

  if (error) {
    return NextResponse.json(
      { error: "failed to delete share" },
      { status: 500 }
    )
  }

  return new Response(null, { status: 204 })
}

export async function PATCH(
  request: Request,
  { params }: { params: Promise<{ token: string }> }
) {
  const botVerification = await checkBotId()
  if (botVerification.isBot) {
    return NextResponse.json({ error: "access denied" }, { status: 403 })
  }

  const supabaseClient = await createSupabaseServerClient()
  const {
    data: { user },
  } = await supabaseClient.auth.getUser()

  if (!user) {
    return NextResponse.json({ error: "not authenticated" }, { status: 401 })
  }

  const { token } = await params
  const body = await request.json().catch(() => null)
  if (!body || typeof body !== "object") {
    return NextResponse.json({ error: "invalid request body" }, { status: 400 })
  }
  const rawNote = body.note

  let note: string | null = null
  if (rawNote !== undefined && rawNote !== null) {
    if (typeof rawNote !== "string") {
      return NextResponse.json(
        { error: "note must be a string" },
        { status: 400 }
      )
    }
    if (rawNote.length > MAX_NOTE_LENGTH) {
      return NextResponse.json(
        { error: `note must be ${MAX_NOTE_LENGTH} characters or fewer` },
        { status: 400 }
      )
    }
    note = rawNote.trim() || null
  }

  const updatePayload: Record<string, unknown> = {}
  if (rawNote !== undefined) {
    updatePayload.note = note
  }
  if (typeof body.noteIsPublic === "boolean") {
    updatePayload.note_is_public = body.noteIsPublic
  }

  if (Object.keys(updatePayload).length === 0) {
    return NextResponse.json({ ok: true })
  }

  const { error } = await supabaseClient
    .from("shared_entries")
    .update(updatePayload)
    .eq("share_token", token)
    .eq("user_id", user.id)

  if (error) {
    return NextResponse.json(
      { error: "failed to update share" },
      { status: 500 }
    )
  }

  return NextResponse.json({ ok: true })
}