import { NextResponse } from 'next/server'
import { prisma } from '@/lib/db'
import { getSession, requireAdmin } from '@/lib/auth'
import { createAuditLog } from '@/lib/audit'

/**
 * Returns the panel settings row to any authenticated caller.
 *
 * Callers whose session role is `ADMIN` or `OWNER` receive the row unchanged,
 * including the stored Discord client secret and webhook URL. Every other
 * authenticated caller receives the same row with those two fields replaced
 * by a fixed mask (or `null` when the field is empty).
 *
 * @returns 401 without a session, 404 when no settings row exists, 500 on an
 *   unexpected error, otherwise the settings as JSON.
 */
export async function GET() {
  try {
    const currentSession = await getSession()
    if (!currentSession) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    const panelSettings = await prisma.panelSettings.findFirst()
    if (!panelSettings) {
      return NextResponse.json({ error: 'Settings not found' }, { status: 404 })
    }

    const role = currentSession.role
    const isPrivileged = role === 'ADMIN' || role === 'OWNER'
    if (isPrivileged) {
      // Privileged roles get the raw secrets back in the response body.
      // NOTE(review): PUT already ignores the mask value, so masking here for
      // every role would keep the secrets out of responses entirely; confirm
      // whether the admin UI relies on reading them back.
      return NextResponse.json(panelSettings)
    }

    // Reveal only whether a secret is configured, never its value.
    const redact = (secret: unknown) => (secret ? '••••••••' : null)

    // NOTE(review): only these two fields are masked; every other column of
    // the row is returned to any authenticated user. If the model ever gains
    // another sensitive column it will be exposed here by default; an explicit
    // allowlist of fields for non-admins would fail closed instead.
    return NextResponse.json({
      ...panelSettings,
      discordClientSecret: redact(panelSettings.discordClientSecret),
      discordWebhook: redact(panelSettings.discordWebhook),
    })
  } catch (error) {
    console.error('Failed to fetch settings:', error)
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 })
  }
}

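/**
 * Updates the panel settings row. Restricted to callers that pass
 * `requireAdmin()`.
 *
 * Only the fields listed in `updateData` are written, so unknown properties
 * in the request body are ignored. The two Discord secrets are written only
 * when the body carries a non-empty value that differs from the display mask;
 * as a consequence they cannot be cleared through this endpoint.
 *
 * @param request - JSON body with at least `panelName` and `serverName`.
 * @returns 400 on a malformed body, missing required fields or an invalid
 *   colour; 404 when no settings row exists; 500 on an unexpected error;
 *   otherwise the updated row as JSON.
 */
export async function PUT(request: Request) {
  try {
    // requireAdmin() hands back a response when the caller must be rejected;
    // a falsy result lets the request proceed.
    const adminCheck = await requireAdmin()
    if (adminCheck) return adminCheck

    const session = await getSession()

    // A body that is not valid JSON, or is valid JSON but not an object
    // (null, array, number, ...), is a client error and must not surface
    // as a 500 from the outer catch.
    let data: Record<string, unknown>
    try {
      const parsed: unknown = await request.json()
      if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
        return NextResponse.json({ error: 'Invalid request body' }, { status: 400 })
      }
      data = parsed as Record<string, unknown>
    } catch {
      return NextResponse.json({ error: 'Invalid request body' }, { status: 400 })
    }

    // Validate required fields
    if (!data.panelName || !data.serverName) {
      return NextResponse.json(
        { error: 'Panel name and server name are required' },
        { status: 400 }
      )
    }

    // Validate colour format. All three colours are stored and presumably
    // rendered into the panel's styling, so each one gets the same strict
    // #RRGGBB check; previously only primaryColor was checked and the other
    // two accepted arbitrary strings.
    const colorRegex = /^#[0-9A-Fa-f]{6}$/
    const colorFields = [
      ['primaryColor', 'Invalid primary color format'],
      ['secondaryColor', 'Invalid secondary color format'],
      ['accentColor', 'Invalid accent color format'],
    ] as const
    for (const [field, message] of colorFields) {
      const value = data[field]
      // Empty values fall back to the defaults below; anything else must be
      // a string (RegExp.test would otherwise coerce arrays/objects).
      if (value && (typeof value !== 'string' || !colorRegex.test(value))) {
        return NextResponse.json({ error: message }, { status: 400 })
      }
    }

    const existingSettings = await prisma.panelSettings.findFirst()
    if (!existingSettings) {
      return NextResponse.json({ error: 'Settings not found' }, { status: 404 })
    }

    // Explicit allowlist of writable fields (prevents mass assignment).
    // NOTE(review): maxLoginAttempts and sessionTimeout are taken as-is when
    // truthy, so negative or very large values reach the database; both are
    // security controls and deserve a range check once the accepted bounds
    // are agreed.
    const updateData: Record<string, unknown> = {
      panelName: data.panelName,
      serverName: data.serverName,
      serverLogo: data.serverLogo,
      primaryColor: data.primaryColor || '#4f46e5',
      secondaryColor: data.secondaryColor || '#6366f1',
      accentColor: data.accentColor || '#22c55e',
      language: data.language || 'en',
      timezone: data.timezone || 'UTC',
      maintenanceMode: data.maintenanceMode ?? false,
      maintenanceMessage: data.maintenanceMessage,
      demoMode: data.demoMode ?? false,
      registrationEnabled: data.registrationEnabled ?? true,
      maxLoginAttempts: data.maxLoginAttempts || 5,
      sessionTimeout: data.sessionTimeout || 60,
      require2FA: data.require2FA ?? false,
    }

    // Only update secrets if they're not masked: the mask is what GET shows
    // to callers who may not see the value, and writing it back would
    // destroy the stored secret.
    if (data.discordClientId !== undefined) {
      updateData.discordClientId = data.discordClientId
    }
    if (data.discordClientSecret && data.discordClientSecret !== '••••••••') {
      updateData.discordClientSecret = data.discordClientSecret
    }
    if (data.discordGuildId !== undefined) {
      updateData.discordGuildId = data.discordGuildId
    }
    if (data.discordWebhook && data.discordWebhook !== '••••••••') {
      updateData.discordWebhook = data.discordWebhook
    }

    const updated = await prisma.panelSettings.update({
      where: { id: existingSettings.id },
      data: updateData,
    })

    // Log the action. Only field names are recorded, never the values, so
    // secrets do not end up in the audit trail.
    // NOTE(review): x-forwarded-for is client-controlled unless a trusted
    // proxy overwrites it, and it may hold a comma-separated chain; treat the
    // recorded address as a hint, or derive it from the proxy-set hop.
    await createAuditLog({
      userId: session?.userId,
      action: 'SETTINGS_UPDATED',
      category: 'SETTINGS',
      details: { updatedFields: Object.keys(updateData) },
      ipAddress: request.headers.get('x-forwarded-for') || undefined,
    })

    // The response carries the full updated row, secrets included.
    return NextResponse.json(updated)
  } catch (error) {
    console.error('Failed to update settings:', error)
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 })
  }
}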
