// app/api/auth/send-email-otp/route.ts
// Email OTP 전송 API 엔드포인트

import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';
import { getUserById } from '@/lib/users/repository';
import { generateAndSendEmailToken } from '@/lib/users/auth/passwordUtil';

const sendEmailOtpSchema = z.object({
  userId: z.number(),
  email: z.string().email().optional(),
  userName: z.string().optional(),
});

export async function POST(request: NextRequest) {
  try {
    const body = await request.json();
    const { userId, email, userName } = sendEmailOtpSchema.parse(body);

    // 본인 확인
    if (!userId) {
      return NextResponse.json(
        { error: '권한이 없습니다' },
        { status: 403 }
      );
    }

    // 사용자 정보 조회
    const user = await getUserById(userId);
    if (!user || !user.email) {
      return NextResponse.json(
        { error: '이메일 주소가 등록되지 않았습니다' },
        { status: 400 }
      );
    }

    // Email OTP 전송
    const userEmail = email || user.email;
    const userDisplayName = userName || user.name;
    
    const result = await generateAndSendEmailToken(
      Number(userId), 
      userEmail,
      userDisplayName
    );
    
    if (result.success) {
      return NextResponse.json({ 
        success: true,
        message: '이메일 인증번호가 전송되었습니다' 
      });
    } else {
      return NextResponse.json(
        { error: result.error },
        { status: 400 }
      );
    }

  } catch (error) {
    if (error instanceof z.ZodError) {
      return NextResponse.json(
        { error: '잘못된 요청입니다' },
        { status: 400 }
      );
    }

    console.error('Email OTP send API error:', error);
    return NextResponse.json(
      { error: '서버 오류가 발생했습니다' },
      { status: 500 }
    );
  }
}