import { NextResponse } from "next/server"
import { createSupabaseAdminClient } from "@/lib/supabase/admin"
import { authenticateApiRequest } from "@/lib/api-auth"

export async function GET(request: Request) {
  const authResult = await authenticateApiRequest(request)

  if (!authResult.authenticated) {
    return NextResponse.json(
      { error: authResult.error },
      { status: authResult.status }
    )
  }

  const adminClient = createSupabaseAdminClient()
  const { data, error } = await adminClient
    .from("folders")
    .select("id, name, position")
    .eq("user_id", authResult.user.userIdentifier)
    .order("position", { ascending: true })

  if (error) {
    return NextResponse.json(
      { error: "failed to load folders" },
      { status: 500 }
    )
  }

  return NextResponse.json({
    folders: (data ?? []).map((row) => ({
      identifier: row.id,
      name: row.name,
      position: row.position,
    })),
  })
}