import { authService } from "../service/auth";

export default defineEventHandler(async (event) => {
  const refreshToken = getCookie(event, "refresh_token");
  if (!refreshToken) {
    setResponseStatus(event, 401);
    return { error: { code: "TOKEN_EXPIRED", message: "未登录" } };
  }

  try {
    const { accessToken, newRefreshToken } = await authService.refreshToken(refreshToken);

    setCookie(event, "refresh_token", newRefreshToken, {
      httpOnly: true,
      secure: process.env.NODE_ENV === "production",
      sameSite: "strict",
      maxAge: 7 * 24 * 60 * 60,
      path: "/",
    });

    return { accessToken };
  } catch (err: unknown) {
    const e = err as { code?: string; message?: string };
    setResponseStatus(event, 401);
    return { error: { code: e.code ?? "TOKEN_EXPIRED", message: e.message ?? "Token 无效" } };
  }
});