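import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import * as seedService from '@/lib/services/seedService';

/**
 * DELETE handler that purges all data through `seedService.purgeData()`.
 *
 * Checks run in this order, and the first failure ends the request:
 *  1. a session with a user must exist, otherwise 401;
 *  2. `session.user.role` must be `'ADMIN'`, otherwise 403;
 *  3. the JSON body must be an object with `confirm` strictly equal to
 *     `true`, otherwise 400.
 *
 * A missing, malformed or non-object body counts as "not confirmed" and gets
 * the same 400, so a bad request is never reported as a server-side 500.
 *
 * NOTE(review): this route destroys data and is guarded only by the session
 * role and a body flag. Confirm whether it should be reachable in production
 * deployments at all.
 *
 * @param request - Incoming request. Its JSON body is read only after the
 *   caller has passed the authentication and role checks.
 * @returns A JSON response with status 200 on success, 400/401/403 for a
 *   rejected request, or 500 when the purge itself fails.
 */
export async function DELETE(request: NextRequest) {
  try {
    // Authenticate before touching the request body.
    const session = await getServerSession(authOptions);
    if (!session?.user) {
      return NextResponse.json(
        { error: 'Authentication required' },
        { status: 401 }
      );
    }

    // Authorize: only administrators may purge.
    if (session.user.role !== 'ADMIN') {
      return NextResponse.json(
        { error: 'Admin privileges required' },
        { status: 403 }
      );
    }

    // Parse the body defensively: request.json() rejects on an empty or
    // malformed payload, and valid JSON may still be `null` or a primitive.
    // Both are client errors and must not fall through to the 500 handler.
    let body: unknown;
    try {
      body = await request.json();
    } catch {
      body = null;
    }

    // Only the boolean literal `true` counts as confirmation. Truthy values
    // such as "true" or 1 are rejected.
    const confirmed =
      typeof body === 'object' &&
      body !== null &&
      (body as { confirm?: unknown }).confirm === true;
    if (!confirmed) {
      return NextResponse.json(
        { error: 'Confirmation required to purge data' },
        { status: 400 }
      );
    }

    // Audit trail: record who triggered the purge before it runs, so the
    // entry exists even if the purge fails part-way.
    console.warn(
      'Data purge requested by admin:',
      session.user.email ?? 'unknown'
    );

    await seedService.purgeData();

    return NextResponse.json(
      { message: 'All data purged successfully' },
      { status: 200 }
    );
  } catch (error) {
    // Log the detail server-side and return only a generic message.
    console.error('Error purging data:', error);
    return NextResponse.json(
      { error: 'Failed to purge data' },
      { status: 500 }
    );
  }
}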