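import { NextRequest, NextResponse } from 'next/server'
import connectDB from '@/lib/mongodb'
import { User } from '@/models/user'
import { verifyRefreshToken } from '@/lib/jwt'

/** Auth cookies that the logout route expires in the browser. */
const AUTH_COOKIE_NAMES = ['accessToken', 'refreshToken'] as const

/**
 * Builds the logout response and expires both auth cookies.
 *
 * Every path uses the same attributes (httpOnly, secure in production,
 * sameSite=lax, path=/), so the error path no longer emits a differently
 * shaped Set-Cookie header than the normal path.
 *
 * Expiring the cookie only removes it from the browser. Whether an
 * already-issued access token is still accepted until it expires depends on
 * how it is verified elsewhere, which is not visible in this file.
 */
function buildLoggedOutResponse() {
  const response = NextResponse.json({
    success: true,
    data: { message: 'Logged out successfully' },
  })

  for (const name of AUTH_COOKIE_NAMES) {
    response.cookies.set(name, '', {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'lax',
      maxAge: 0, // maxAge 0 tells the browser to drop the cookie immediately
      path: '/',
    })
  }

  return response
}

/**
 * POST logout handler.
 *
 * Removes the refresh token stored on the user document (when the cookie
 * carries a token that verifies), then expires the auth cookies. The response
 * is always `{ success: true }`, even when server-side revocation failed, so
 * the client can always drop its session.
 *
 * @param request Incoming request; only the `refreshToken` cookie is read.
 * @returns JSON response with both auth cookies expired.
 */
export async function POST(request: NextRequest) {
  try {
    const refreshToken = request.cookies.get('refreshToken')?.value

    if (refreshToken) {
      // A token that does not verify yields a falsy payload here (or throws
      // and is caught below); in both cases no database change is made.
      const payload = verifyRefreshToken(refreshToken)

      if (payload) {
        await connectDB()
        // NOTE(review): the update is keyed on the user id from the token
        // payload only; the presented token is not compared with the stored
        // one. Confirm that matches how the refresh endpoint validates tokens.
        await User.findByIdAndUpdate(payload.userId, {
          $unset: { refreshToken: 1 },
        })
      }
    }
  } catch (error) {
    // Revocation did not complete, so the stored refresh token may still be
    // present in the database while the client is told it is logged out.
    // This log line is the only signal of that state; monitor it.
    console.error('Logout error:', error)
  }

  // Cookies are cleared regardless of whether revocation succeeded.
  return buildLoggedOutResponse()
}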