import { NextRequest, NextResponse } from "next/server";
import prisma from "@/lib/db";
import { getSession } from "@/lib/auth";
import bcrypt from "bcryptjs";

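/**
 * Updates the signed-in admin's email and/or password.
 *
 * The account to modify is resolved from the session, never from the request
 * body, and the change is only applied after `currentPassword` has been
 * verified against the stored bcrypt hash.
 *
 * Responses:
 * - 401 when there is no session or the session carries no usable email
 * - 400 when the body is not a JSON object, a field has the wrong type, or the
 *   current password does not match
 * - 404 when no admin row matches the session email
 * - 409 when the requested email is already taken (Prisma unique violation)
 * - 500 on any other failure
 *
 * NOTE(review): nothing here rate-limits the `currentPassword` check; with a
 * stolen session this endpoint can be used to guess the password. Confirm that
 * throttling is applied elsewhere (middleware / reverse proxy).
 */
export async function PUT(req: NextRequest) {
    const session = await getSession();
    if (!session) return NextResponse.json({ error: "Non autorisé" }, { status: 401 });

    // A session without a string email cannot identify an account; treat it as
    // unauthenticated instead of letting the lookup below fail with a 500.
    const sessionEmail: unknown = session.email;
    if (typeof sessionEmail !== "string" || sessionEmail.length === 0) {
        return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
    }

    try {
        // The body is attacker-controlled: parse it separately so malformed
        // JSON is reported as a client error rather than a server error.
        let body: unknown;
        try {
            body = await req.json();
        } catch {
            return NextResponse.json({ error: "Requête invalide" }, { status: 400 });
        }
        if (typeof body !== "object" || body === null) {
            return NextResponse.json({ error: "Requête invalide" }, { status: 400 });
        }
        const { email, currentPassword, newPassword } = body as Record<string, unknown>;

        // bcrypt.compare / bcrypt.hash need strings, and a non-string `email`
        // would otherwise be handed to the ORM as a structured value.
        if (typeof currentPassword !== "string" || currentPassword.length === 0) {
            return NextResponse.json({ error: "Requête invalide" }, { status: 400 });
        }
        if (email && typeof email !== "string") {
            return NextResponse.json({ error: "Requête invalide" }, { status: 400 });
        }
        if (newPassword && typeof newPassword !== "string") {
            return NextResponse.json({ error: "Requête invalide" }, { status: 400 });
        }

        // Get current admin
        const admin = await prisma.admin.findUnique({ where: { email: sessionEmail } });
        if (!admin) return NextResponse.json({ error: "Admin non trouvé" }, { status: 404 });

        // Verify current password before allowing any credential change
        const isMatch = await bcrypt.compare(currentPassword, admin.password);
        if (!isMatch) return NextResponse.json({ error: "Mot de passe actuel incorrect" }, { status: 400 });

        // Only the two whitelisted fields can ever reach the update call.
        const updateData: { email?: string; password?: string } = {};
        if (typeof email === "string" && email) updateData.email = email;
        if (typeof newPassword === "string" && newPassword) {
            // NOTE(review): no length/strength policy is enforced here, and
            // bcrypt only considers the first 72 bytes of its input.
            updateData.password = await bcrypt.hash(newPassword, 10);
        }

        // NOTE(review): the session is looked up by email, so after an email
        // change the current session presumably stops resolving to this admin,
        // and existing sessions do not appear to be invalidated after a
        // password change. Confirm how `getSession` handles both cases.
        await prisma.admin.update({
            where: { id: admin.id },
            data: updateData
        });

        return NextResponse.json({ success: true });
    } catch (e) {
        // P2002 is Prisma's unique-constraint violation: the requested email
        // already belongs to another admin row.
        if (typeof e === "object" && e !== null && (e as { code?: unknown }).code === "P2002") {
            return NextResponse.json({ error: "Cet email est déjà utilisé" }, { status: 409 });
        }
        console.error(e);
        return NextResponse.json({ error: "Erreur serveur" }, { status: 500 });
    }
}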
