import { NextRequest, NextResponse } from 'next/server';
import { PrismaClient } from '@prisma/client';
import bcrypt from 'bcryptjs';

const prisma = new PrismaClient();

export async function POST(request: NextRequest) {
    try {
        const { username, password } = await request.json();

        if (!username || !password) {
            return NextResponse.json({ error: 'username and password are required' }, { status: 400 });
        }

        const curator = await prisma.curator.findUnique({
            where: { username },
        });

        if (!curator) {
            return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
        }

        const isValid = await bcrypt.compare(password, curator.passwordHash);
        if (!isValid) {
            return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
        }

        return NextResponse.json({
            success: true,
            curator: {
                id: curator.id,
                username: curator.username,
                isGlobalCurator: curator.isGlobalCurator,
            },
        });
    } catch (error) {
        console.error('Curator login error:', error);
        return NextResponse.json({ error: 'Internal Server Error' }, { status: 500 });
    }
}