import { NextResponse } from 'next/server'
import { prisma } from '@/lib/db'
import { getCurrentUser } from '@/lib/auth'
import { createAuditLog } from '@/lib/audit'
import crypto from 'crypto'

// GET - Get current API key
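/**
 * Returns the stored UCP API key to a SUPERADMIN caller.
 *
 * Responds with 401 when there is no current user or the user's role is not
 * SUPERADMIN, and with 500 when the lookup throws. Otherwise the JSON body
 * holds `apiKey` and `createdAt`, both null when no setting row exists.
 *
 * @returns {Promise<NextResponse>} JSON response as described above.
 */
export async function GET() {
  try {
    // An anonymous caller and a signed-in user without the role both get 401.
    const user = await getCurrentUser()
    if (!user || user.role !== 'SUPERADMIN') {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    const apiKeySetting = await prisma.systemSetting.findUnique({
      where: { key: 'ucpApiKey' }
    })

    // NOTE(review): the stored value is returned exactly as read, so every
    // call discloses the full live key. Confirm that clients need the whole
    // secret again after creation rather than a masked form.
    return NextResponse.json(
      {
        apiKey: apiKeySetting?.value || null,
        // The field exposed as createdAt is the row's updatedAt timestamp.
        createdAt: apiKeySetting?.updatedAt || null,
      },
      // The body carries a credential: tell browsers and intermediaries not
      // to store the response.
      { headers: { 'Cache-Control': 'no-store' } }
    )
  } catch (error) {
    // The caller only sees a generic message; details stay in the server log.
    console.error('[Settings] Error getting API key:', error)
    return NextResponse.json({ error: 'Failed to get API key' }, { status: 500 })
  }
}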

// POST - Regenerate API key
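/**
 * Replaces the UCP API key with a freshly generated one (SUPERADMIN only).
 *
 * Responds with 401 when there is no current user or the user's role is not
 * SUPERADMIN, and with 500 when any step throws. On success the JSON body
 * holds the new `apiKey` and a confirmation `message`.
 *
 * @returns {Promise<NextResponse>} JSON response as described above.
 */
export async function POST() {
  try {
    const user = await getCurrentUser()
    if (!user || user.role !== 'SUPERADMIN') {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    // 32 bytes from the CSPRNG, hex-encoded (64 characters) behind the
    // "skg_" prefix.
    const newApiKey = `skg_${crypto.randomBytes(32).toString('hex')}`

    // NOTE(review): the row is flagged isEncrypted, but the value handed to
    // Prisma here is the key as generated. Confirm that encryption at rest
    // happens in a layer not visible in this file.
    await prisma.systemSetting.upsert({
      where: { key: 'ucpApiKey' },
      update: { value: newApiKey },
      create: {
        key: 'ucpApiKey',
        value: newApiKey,
        category: 'security',
        isEncrypted: true,
      }
    })

    // The audit entry records who rotated the key, never the key itself.
    // If this call throws, the new key is already persisted and the caller
    // receives the generic 500 below instead of the key.
    await createAuditLog({
      userId: user.id,
      action: 'API_KEY_REGENERATED',
      resource: 'system',
      details: { regeneratedBy: user.username },
    })

    return NextResponse.json(
      {
        apiKey: newApiKey,
        message: 'API Key wurde neu generiert'
      },
      // The body carries the new credential: tell browsers and
      // intermediaries not to store the response.
      { headers: { 'Cache-Control': 'no-store' } }
    )
  } catch (error) {
    // The caller only sees a generic message; details stay in the server log.
    console.error('[Settings] Error regenerating API key:', error)
    return NextResponse.json({ error: 'Failed to regenerate API key' }, { status: 500 })
  }
}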
