import { NextRequest, NextResponse } from 'next/server'
import { prisma } from '@/lib/prisma'
import bcrypt from 'bcryptjs'

// POST verify password for protected microsite
export async function POST(
  request: NextRequest,
  { params }: { params: Promise<{ slug: string }> }
) {
  try {
    const { slug } = await params
    const body = await request.json()
    const { password } = body

    const microsite = await prisma.microsite.findUnique({
      where: { slug },
    })

    if (!microsite) {
      return NextResponse.json(
        { success: false, error: 'Microsite not found' },
        { status: 404 }
      )
    }

    if (!microsite.password) {
      return NextResponse.json(
        { success: false, error: 'This microsite is not password protected' },
        { status: 400 }
      )
    }

    const isValid = await bcrypt.compare(password, microsite.password)

    if (!isValid) {
      return NextResponse.json(
        { success: false, error: 'Invalid password' },
        { status: 401 }
      )
    }

    return NextResponse.json({ success: true, message: 'Password correct' })
  } catch (error) {
    return NextResponse.json(
      { success: false, error: 'Failed to verify password' },
      { status: 500 }
    )
  }
}