import { NextResponse } from "next/server";

import { isAdminAuthorized } from "@/lib/admin/adminAuth";
import { deleteBlogImage, saveBlogImage } from "@/lib/admin/blogAdmin";
import { deleteImage, saveImageObject } from "@/lib/admin/blogDb";

export const runtime = "nodejs";

function shouldWriteImagesToDisk(): boolean {
  const raw = String(process.env.CMS_WRITE_IMAGES_TO_DISK || "").trim().toLowerCase();
  if (!raw) return false;
  return !(raw === "0" || raw === "false" || raw === "no" || raw === "off");
}

function maxImageBytes(): number {
  const raw = String(process.env.CMS_MAX_IMAGE_BYTES || "").trim();
  const parsed = Number(raw);
  if (!Number.isFinite(parsed) || parsed <= 0) return 10 * 1024 * 1024;
  return Math.floor(parsed);
}

export async function POST(req: Request) {
  if (!isAdminAuthorized(req)) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  }

  let form: FormData;
  try {
    form = await req.formData();
  } catch {
    return NextResponse.json({ error: "Invalid form data" }, { status: 400 });
  }

  const file = form.get("file");
  if (!file || !(file instanceof File)) {
    return NextResponse.json({ error: "Missing file" }, { status: 400 });
  }

  const desiredNameRaw = String(form.get("fileName") || "").trim();
  const fileName = desiredNameRaw || file.name || "image";
  const maxBytes = maxImageBytes();
  if (file.size > maxBytes) {
    return NextResponse.json(
      { error: `Image too large. Max allowed is ${Math.floor(maxBytes / (1024 * 1024))}MB.` },
      { status: 413 }
    );
  }

  const bytes = new Uint8Array(await file.arrayBuffer());
  try {
    // Store as an "object" in the CMS database.
    // Disk mirroring is optional and disabled by default.
    const saved = await saveImageObject({ desiredFileName: fileName, mimeType: file.type, bytes });
    if (shouldWriteImagesToDisk()) {
      try {
        await saveBlogImage(saved.fileName, bytes);
      } catch {
        // ignore (hosted environments may have read-only filesystems)
      }
    } else {
      // Keep the working tree clean when DB-only mode is enabled.
      try {
        await deleteBlogImage(saved.fileName);
      } catch {
        // ignore
      }
    }
    return NextResponse.json({
      ok: true,
      fileName: saved.fileName,
      publicPath: `/blog/images/${saved.fileName}`,
    });
  } catch (err: any) {
    return NextResponse.json({ error: err?.message || "Unable to save image." }, { status: 400 });
  }
}

export async function DELETE(req: Request) {
  if (!isAdminAuthorized(req)) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  }

  let payload: any;
  try {
    payload = await req.json();
  } catch {
    return NextResponse.json({ error: "Invalid payload" }, { status: 400 });
  }

  const fileName = String(payload?.fileName || "").trim();
  if (!fileName) return NextResponse.json({ error: "Missing fileName" }, { status: 400 });

  try {
    await deleteImage(fileName);
    try {
      await deleteBlogImage(fileName);
    } catch {
      // ignore
    }
    return NextResponse.json({ ok: true });
  } catch (err: any) {
    return NextResponse.json({ error: err?.message || "Unable to delete image." }, { status: 400 });
  }
}