import { verifyAccessToken } from "../service/auth/lib/jwt";
import { dbGlobal } from "@/drizzle-pkg/lib/db";
import { users } from "@/drizzle-pkg/lib/schema/auth";
import { eq } from "drizzle-orm";

export default defineEventHandler(async (event) => {
  const accessToken = getHeader(event, "authorization")?.replace("Bearer ", "");
  if (!accessToken) {
    setResponseStatus(event, 401);
    return { error: { code: "TOKEN_EXPIRED", message: "未登录" } };
  }

  const payload = await verifyAccessToken(accessToken);
  if (!payload) {
    setResponseStatus(event, 401);
    return { error: { code: "TOKEN_EXPIRED", message: "Token 无效" } };
  }

  const [user] = await dbGlobal
    .select({
      id: users.id,
      email: users.email,
      username: users.username,
      role: users.role,
      status: users.status,
    })
    .from(users)
    .where(eq(users.id, payload.userId))
    .limit(1);

  if (!user) {
    setResponseStatus(event, 404);
    return { error: { code: "NOT_FOUND", message: "用户不存在" } };
  }

  return { user };
});