import { withAuth } from '../../../../../lib/with-auth';

const API_BASE = process.env.NEXT_PUBLIC_API_URL_INTERNAL || 'http://recipe-api:8080';

export const PATCH = withAuth(async (req, session, context) => {
  try {
    const { id } = await context.params;
    const productId = parseInt(id, 10);
    const body = await req.json();
    const { categoryId } = body;

    const res = await fetch(`${API_BASE}/api/products/${productId}`, {
      method: 'PATCH',
      headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${session.accessToken}` },
      body: JSON.stringify({ categoryId }),
    });

    if (!res.ok) {
      const e = await res.json().catch(() => ({}));
      return Response.json({ error: e.message ?? `HTTP ${res.status}` }, { status: res.status });
    }

    const product = await res.json();
    return Response.json({
      id: product.id,
      name: product.name,
      canonicalName: product.canonicalName ?? null,
      categoryId: product.categoryId ?? null,
    });
  } catch (err) {
    return Response.json(
      { error: err instanceof Error ? err.message : 'Unknown error' },
      { status: 500 },
    );
  }
});