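import { prisma, PrismaClient } from "@repo/db";
import { NextRequest, NextResponse } from "next/server";
import { sign } from "jsonwebtoken";

/**
 * Exchanges a short-lived code for a signed JWT and the associated user.
 *
 * Query parameters:
 * - `token` or `code`: the value matched against `oAuthToken.accessToken`.
 * - `client_id`: matched against `oAuthToken.clientId`.
 *
 * Responses:
 * - 400 when the code or the client id is missing.
 * - 404 when no matching record exists, or it was already redeemed.
 * - 400 ("Code expired") when the record is older than 60 seconds.
 * - 500 when `NEXTAUTH_SECRET` is not configured.
 * - 200 with `{ user, jwt }`; the JWT is signed with `NEXTAUTH_SECRET`
 *   and expires after 30 days.
 *
 * The matching record is deleted as soon as it is redeemed, whether or not
 * it has expired, so a code can be exchanged at most once.
 */
export const GET = async (req: NextRequest) => {
  // Maximum age of a code before it is rejected.
  const CODE_TTL_MS = 60 * 1000;

  const params = req.nextUrl.searchParams;
  const accessToken = params.get("token") || params.get("code");
  const client_id = params.get("client_id");

  if (!accessToken) return new Response("No access token provided", { status: 400 });
  if (!client_id) return new Response("No client ID token provided", { status: 400 });

  // NOTE(review): callers may send `client_secret`, but nothing in this
  // handler compares it with a stored value, so the client is not
  // authenticated: anyone holding a valid code and the (public) client id
  // can redeem it. Verifying it needs the client's registered secret, which
  // is not visible from this file. Compare in constant time when adding it.
  // NOTE(review): the code (and any client_secret) arrive in the URL query
  // string, which commonly ends up in server and proxy logs. Moving them to
  // a POST body or an Authorization header would change the interface.

  // Use the shared client: constructing a PrismaClient per request opens a
  // new connection pool each time and never releases it.
  const accessRequest = await prisma.oAuthToken.findFirst({
    where: { accessToken, clientId: client_id },
    include: { user: true },
  });
  if (!accessRequest) return new Response("Access token not found", { status: 404 });

  // Fail closed before consuming the code if the signing key is missing.
  const secret = process.env.NEXTAUTH_SECRET;
  if (!secret) return new Response("Server misconfigured", { status: 500 });

  // Redeem the code exactly once. deleteMany reports how many rows it
  // removed instead of throwing, so a concurrent request that already
  // consumed the same record is rejected here rather than issued a second JWT.
  const { count } = await prisma.oAuthToken.deleteMany({
    where: { id: accessRequest.id },
  });
  if (count === 0) return new Response("Access token not found", { status: 404 });

  const ageMs = Date.now() - accessRequest.createdAt.getTime();
  if (ageMs > CODE_TTL_MS) return new Response("Code expired", { status: 400 });

  // NOTE(review): the whole user row becomes the JWT payload and is echoed
  // in the response. JWT payloads are signed, not encrypted. If the user
  // model has sensitive columns, select an explicit allow-list of fields;
  // the model's fields are not visible here.
  const jwt = sign(accessRequest.user, secret, { expiresIn: "30d" });

  return Response.json({ user: accessRequest.user, jwt });
};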