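import type { NextApiRequest, NextApiResponse } from "next"
import { db, schema } from '../../../lib/db/connection'
import { eq } from 'drizzle-orm'
import bcrypt from 'bcryptjs'

/**
 * Login endpoint: checks an email/password pair against the users table.
 *
 * Accepts POST only. On success it records the login time and responds with
 * the user's id, email and role plus a token string.
 *
 * Responses:
 * - 405 when the method is not POST
 * - 400 when email or password is missing or is not a non-empty string
 * - 401 when the credentials do not match, or when they match but the
 *   account is disabled
 * - 500 when the lookup, the hash comparison or the update throws
 *
 * @param req - incoming request; `req.body` is expected to carry `email` and `password`
 * @param res - response object used to send the JSON reply
 */
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method !== "POST") {
    // A 405 response should tell the client which methods are accepted.
    res.setHeader("Allow", "POST")
    return res.status(405).json({ error: "Method not allowed" })
  }

  // req.body is client-controlled and may be absent, a string, or hold
  // non-string values; treat anything that is not an object as empty.
  const fields: Record<string, unknown> =
    typeof req.body === "object" && req.body !== null ? req.body : {}
  const { email, password } = fields

  // Only non-empty strings are accepted, so an array or object never reaches
  // the query builder or bcrypt (where it would surface as a 500).
  if (typeof email !== "string" || typeof password !== "string" || !email || !password) {
    return res.status(400).json({ error: "Email and password required" })
  }

  try {
    const users = await db.select()
      .from(schema.users)
      .where(eq(schema.users.email, email))
      .limit(1)

    // NOTE(review): this early return skips the bcrypt comparison, so an
    // unknown email is answered faster than a known one. Comparing against a
    // fixed dummy hash here would even out the response time.
    if (users.length === 0) {
      return res.status(401).json({ error: "Invalid credentials" })
    }

    const user = users[0]

    // Verify the password before looking at account state, so the
    // "disabled" message is only shown to a caller who knows the password
    // and cannot be used to learn which emails are registered.
    const isValidPassword = await bcrypt.compare(password, user.passwordHash)
    if (!isValidPassword) {
      return res.status(401).json({ error: "Invalid credentials" })
    }

    if (!user.isActive) {
      return res.status(401).json({ error: "Account is disabled" })
    }

    // Update last login
    await db.update(schema.users)
      .set({ lastLogin: new Date() })
      .where(eq(schema.users.id, user.id))

    // NOTE(review): the token below is only an encoding of the user id and
    // the current time. It contains no secret, signature or random value, so
    // a server cannot verify that it issued it. The code that consumes the
    // token is not visible here; if it is accepted as proof of identity,
    // replace it with a server-side session id from a CSPRNG or with a
    // signed token, and give it an expiry. Left unchanged so existing
    // consumers keep working.
    res.json({
      success: true,
      user: { id: user.id, email: user.email, role: user.role },
      token: Buffer.from(`${user.id}:${Date.now()}`).toString('base64')
    })
  } catch (error) {
    // Log the detail server-side only; the client gets a generic message.
    console.error('Login error:', error)
    res.status(500).json({ error: "Login failed" })
  }
}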