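import { NextRequest, NextResponse } from 'next/server'
import jwt from 'jsonwebtoken'
import crypto from 'crypto'

interface PaymentInitiateRequest {
  billing_id: string
  amount: number
  service: string
}

interface UserTokenPayload {
  siliconId: string
  email: string
  type: string
}

/**
 * Builds the JSON error envelope used by every failure path of this route.
 *
 * @param status HTTP status code to send.
 * @param message Message placed in the `message` field of the body.
 */
function errorResponse(status: number, message: string) {
  return NextResponse.json({ success: false, message }, { status })
}

/**
 * PayU Payment Gateway Integration
 * Initiates payment for billing records
 *
 * Authenticates the caller from the `accessToken` cookie, validates the JSON
 * body, and returns the PayU form fields (including the SHA-512 request hash)
 * for the frontend to submit.
 *
 * Responses: 401 when the cookie is missing or the token does not verify,
 * 400 when the body is not valid JSON or a field fails validation, 500 on
 * missing server configuration or any unexpected error.
 *
 * SECURITY: `billing_id` and `amount` come from the client and are signed with
 * the merchant salt without being checked against a billing record, so the
 * caller currently decides which bill is paid and for how much. The ownership
 * and amount lookup marked TODO below has to be implemented before this route
 * handles real payments.
 */
export async function POST(request: NextRequest) {
  try {
    // Verify user authentication
    const token = request.cookies.get('accessToken')?.value
    if (!token) {
      return errorResponse(401, 'Authentication required')
    }

    // Fail closed: falling back to a literal secret would make any token
    // signed with that publicly known string verify successfully.
    const secret = process.env.JWT_SECRET
    if (!secret) {
      console.error('Payment initiation error: JWT_SECRET is not configured')
      return errorResponse(500, 'Payment initiation failed')
    }

    // NOTE(review): no `algorithms` allow-list is passed to jwt.verify; pin it
    // to the algorithm the token issuer uses once that is confirmed.
    let decoded: ReturnType<typeof jwt.verify>
    try {
      decoded = jwt.verify(token, secret)
    } catch {
      // A bad signature or an expired token is an authentication failure,
      // not a server error.
      return errorResponse(401, 'Authentication required')
    }

    // jwt.verify can return a bare string payload, and a verified signature
    // says nothing about which claims are present, so check what is used.
    if (typeof decoded === 'string' || typeof decoded.email !== 'string' || decoded.email === '') {
      return errorResponse(401, 'Authentication required')
    }
    // Only `email` has been validated; `siliconId` must be checked before it
    // is used for the ownership lookup below.
    // NOTE(review): the `type` claim is never inspected. If the issuer mints
    // other token kinds with the same secret, confirm whether they should be
    // rejected here.
    const user = decoded as UserTokenPayload

    // Parse request body. Malformed JSON is a client error.
    let body: unknown
    try {
      body = await request.json()
    } catch {
      return errorResponse(400, 'Invalid payment parameters')
    }
    const { billing_id, amount, service } = (body ?? {}) as Partial<
      Record<keyof PaymentInitiateRequest, unknown>
    >

    // Validate input. The static type of the body is not enforced at runtime,
    // so check the actual types before calling string/number methods.
    if (
      typeof billing_id !== 'string' ||
      billing_id === '' ||
      typeof service !== 'string' ||
      service === '' ||
      typeof amount !== 'number' ||
      !Number.isFinite(amount) ||
      amount <= 0
    ) {
      return errorResponse(400, 'Invalid payment parameters')
    }

    // '|' is the field delimiter of the signed string; a value containing it
    // would make the field boundaries of the hash input ambiguous.
    if (billing_id.includes('|') || service.includes('|')) {
      return errorResponse(400, 'Invalid payment parameters')
    }

    // Format the amount once so the signed value and the posted value are the
    // same string; reject amounts that round down to zero.
    const amountStr = amount.toFixed(2)
    if (Number(amountStr) <= 0) {
      return errorResponse(400, 'Invalid payment parameters')
    }

    // TODO: Verify billing record exists and belongs to user
    // In a real implementation, you would check database:
    // const billing = await verifyBillingRecord(billing_id, user.siliconId)
    // and take the amount and service from that record instead of the request.

    // PayU configuration (from environment variables)
    // NOTE(review): these fall back to placeholder values when the variables
    // are unset, so a misconfigured deployment signs requests with a salt that
    // is in source control and sends callbacks to localhost. Consider failing
    // closed outside development.
    const merchantKey = process.env.PAYU_MERCHANT_KEY || 'test-key'
    const merchantSalt = process.env.PAYU_MERCHANT_SALT || 'test-salt'
    const payuUrl = process.env.PAYU_URL || 'https://test.payu.in/_payment'

    // Prepare payment data
    const txnid = billing_id
    const productinfo = service.substring(0, 100)
    const firstname = 'Customer'
    const email = user.email
    const phone = '9876543210' // Default phone or fetch from user profile

    // Success and failure URLs
    const baseUrl = process.env.NEXT_PUBLIC_BASE_URL || 'http://localhost:4024'
    const surl = `${baseUrl}/api/payments/success`
    const furl = `${baseUrl}/api/payments/failure`

    // Generate PayU hash. The salt is part of the hash input only and is
    // never included in the response.
    const hashString = `${merchantKey}|${txnid}|${amountStr}|${productinfo}|${firstname}|${email}|||||||||||${merchantSalt}`
    const hash = crypto.createHash('sha512').update(hashString).digest('hex')

    // Return payment form data for frontend submission
    const paymentData = {
      success: true,
      payment_url: payuUrl,
      form_data: {
        key: merchantKey,
        txnid,
        amount: amountStr,
        productinfo,
        firstname,
        email,
        phone,
        surl,
        furl,
        hash,
        service_provider: 'payu_paisa',
      },
    }

    return NextResponse.json(paymentData)
  } catch (error) {
    console.error('Payment initiation error:', error)
    return errorResponse(500, 'Payment initiation failed')
  }
}

/**
 * Mock function - in real implementation, verify against database.
 *
 * This stub performs no lookup: it echoes its arguments back inside a fixed
 * record (amount 1000, status 'pending'), so it cannot be used as an
 * authorization check in its current form. Nothing in this file calls it.
 *
 * @param billingId Identifier of the billing record to verify.
 * @param siliconId Identifier of the user expected to own the record.
 * @returns A hard-coded placeholder billing record.
 */
async function verifyBillingRecord(billingId: string, siliconId: string) {
  // TODO: Implement database verification
  // Check if billing record exists and belongs to the user
  return {
    billing_id: billingId,
    amount: 1000,
    service: 'Cloud Instance',
    user_silicon_id: siliconId,
    status: 'pending',
  }
}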