import { NextRequest, NextResponse } from 'next/server'
import { UserService } from '@/lib/services/database-service'

const userService = new UserService()

export async function GET(request: NextRequest) {
  try {
    const { searchParams } = new URL(request.url)
    const userId = searchParams.get('userId')

    if (!userId) {
      return NextResponse.json(
        { error: '缺少用戶ID' },
        { status: 400 }
      )
    }

    const user = await userService.findById(userId)
    if (!user) {
      return NextResponse.json(
        { error: '用戶不存在' },
        { status: 404 }
      )
    }

    // 返回用戶信息（不包含密碼）
    const { password_hash, ...userWithoutPassword } = user
    return NextResponse.json({
      success: true,
      user: userWithoutPassword
    })

  } catch (error) {
    console.error('獲取用戶資料錯誤:', error)
    return NextResponse.json(
      { error: '獲取用戶資料時發生錯誤' },
      { status: 500 }
    )
  }
}

export async function PUT(request: NextRequest) {
  try {
    const { userId, ...updateData } = await request.json()

    if (!userId) {
      return NextResponse.json(
        { error: '缺少用戶ID' },
        { status: 400 }
      )
    }

    // 如果更新密碼，需要加密
    if (updateData.password) {
      const bcrypt = require('bcryptjs')
      const saltRounds = 12
      updateData.password_hash = await bcrypt.hash(updateData.password, saltRounds)
      delete updateData.password
    }

    const updatedUser = await userService.update(userId, updateData)
    if (!updatedUser) {
      return NextResponse.json(
        { error: '用戶不存在' },
        { status: 404 }
      )
    }

    // 返回更新後的用戶信息（不包含密碼）
    const { password_hash, ...userWithoutPassword } = updatedUser
    return NextResponse.json({
      success: true,
      user: userWithoutPassword
    })

  } catch (error) {
    console.error('更新用戶資料錯誤:', error)
    return NextResponse.json(
      { error: '更新用戶資料時發生錯誤' },
      { status: 500 }
    )
  }
}