import { withAuth } from '../../../../lib/with-auth';

const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';

export const POST = withAuth(async (req, session) => {
  try {
    const body = await req.json();
    const { name } = body;

    if (!name || typeof name !== 'string') {
      return Response.json({ error: 'Name is required' }, { status: 400 });
    }

    const res = await fetch(`${API_BASE}/api/products`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${session.accessToken}` },
      body: JSON.stringify({ name }),
    });

    if (!res.ok) {
      const e = await res.json().catch(() => ({}));
      return Response.json({ error: e.message ?? `HTTP ${res.status}` }, { status: res.status });
    }

    const product = await res.json();
    return Response.json({
      id: product.id,
      name: product.name,
      canonicalName: product.canonicalName ?? null,
    });
  } catch (err) {
    return Response.json(
      { error: err instanceof Error ? err.message : 'Unknown error' },
      { status: 500 },
    );
  }
});