import { NextResponse } from 'next/server';
import { auth } from '../../../auth';

const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';

export const GET = auth(async function GET(req) {
  const token = (req.auth as any)?.accessToken as string | undefined;
  if (!token) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });

  const url = new URL(req.url);
  const query = url.searchParams.toString();
  const res = await fetch(`${API_BASE}/api/products${query ? `?${query}` : ''}`, {
    headers: { Authorization: `Bearer ${token}` },
    cache: 'no-store',
  });

  const data = await res.json();
  return NextResponse.json(data, { status: res.status });
});