import { NextResponse } from 'next/server'
import { getCurrentUser } from '@/lib/auth'
import { prisma } from '@/lib/db'

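/**
 * GET handler for the audit-log listing.
 *
 * Responds with:
 *   - 401 `{ error: 'Unauthorized' }` when `getCurrentUser()` yields no user,
 *   - 403 `{ error: 'Forbidden' }` unless the user's role is ADMIN or SUPERADMIN,
 *   - 200 `{ logs: [...] }` with at most 100 entries, newest first,
 *   - 200 `{ logs: [] }` only when the audit-log table has not been created yet,
 *   - 500 `{ error: 'Failed to fetch audit logs' }` on any other failure.
 *
 * @returns {Promise<Response>} JSON response as described above.
 */
export async function GET() {
  try {
    const currentUser = await getCurrentUser()
    if (!currentUser) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    // Only admins can view audit logs
    if (!['ADMIN', 'SUPERADMIN'].includes(currentUser.role)) {
      return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
    }

    let logs
    try {
      logs = await prisma.auditLog.findMany({
        include: {
          user: {
            select: {
              username: true,
              avatar: true,
            },
          },
        },
        orderBy: {
          createdAt: 'desc',
        },
        take: 100,
      })
    } catch (error) {
      // P2021 is Prisma's "table does not exist" error code. Only that case is
      // treated as "no logs yet". Any other failure (connection loss, timeout,
      // permission error) must not be reported as an empty audit trail: an
      // admin would have no way to tell an outage or tampering from "nothing
      // happened". Those errors are rethrown and surface as a 500 below.
      if (error?.code === 'P2021') {
        console.warn('[API] AuditLog table not found; returning empty audit log')
        return NextResponse.json({ logs: [] })
      }
      throw error
    }

    return NextResponse.json({
      logs: logs.map(log => ({
        id: log.id,
        userId: log.userId,
        // The user relation may be absent; the optional chaining covers that.
        username: log.user?.username || 'Unknown',
        avatar: log.user?.avatar,
        action: log.action,
        target: log.target || '',
        details: log.details || '',
        ipAddress: log.ipAddress || '',
        createdAt: log.createdAt.toISOString(),
      })),
    })
  } catch (error) {
    // Full error stays in the server log; the client only gets a generic message.
    console.error('[API] Failed to fetch audit logs:', error)
    return NextResponse.json({ error: 'Failed to fetch audit logs' }, { status: 500 })
  }
}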
