import {NextRequest, NextResponse} from "next/server";
import {logAudit} from "@/lib/audit/log";
import {prisma} from "@/lib/db/prisma";
import {forgotPasswordSchema} from "@/lib/validations/auth";

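/**
 * Handles a forgot-password request.
 *
 * Validates the JSON body against `forgotPasswordSchema`, looks the user up by
 * lower-cased email and, when a user is found, writes an audit entry for the
 * reset request. The success response is identical whether or not the account
 * exists, so the endpoint does not confirm which addresses are registered.
 *
 * NOTE(review): no reset token is created and no mail is sent in this handler;
 * presumably that happens elsewhere. Confirm against the rest of the flow.
 * NOTE(review): no rate limiting is visible here. Confirm it is applied
 * upstream (middleware or gateway), since this route is unauthenticated.
 *
 * @param request Incoming request whose JSON body carries the email address.
 * @returns 400 with a generic error for an unparsable or invalid body,
 *   otherwise 200 with an account-agnostic message.
 */
export async function POST(request: NextRequest) {
  const invalidRequest = () =>
    NextResponse.json({error: "Invalid email address."}, {status: 400});

  // request.json() rejects on an empty or malformed body. Without this guard
  // the rejection surfaces as an unhandled 500 instead of a client error.
  let body: unknown;
  try {
    body = await request.json();
  } catch {
    return invalidRequest();
  }

  const parsed = forgotPasswordSchema.safeParse(body);

  if (!parsed.success) {
    return invalidRequest();
  }

  const user = await prisma.user.findUnique({
    where: {
      email: parsed.data.email.toLowerCase()
    },
    include: {
      memberships: true
    }
  });

  if (user) {
    // The audit write only runs for existing accounts. If its failure were
    // allowed to propagate, a 500 would be returned for registered addresses
    // only, which undoes the account-agnostic response below. The failure is
    // logged server-side and the generic response is still returned.
    // NOTE(review): the extra write also makes this path slower than the
    // unknown-account path; consider whether that timing gap matters here.
    try {
      await logAudit({
        action: "UPDATE",
        entityType: "UserPasswordReset",
        entityId: user.id,
        // No ordering is requested for memberships, so which tenant is
        // recorded for a multi-tenant user is whatever the query returns first.
        tenantId: user.memberships[0]?.tenantId ?? null,
        userId: user.id,
        newValues: {
          requestedAt: new Date().toISOString()
        }
      });
    } catch (error: unknown) {
      console.error("Failed to write password reset audit entry.", error);
    }
  }

  return NextResponse.json({
    message: "If the account exists, reset instructions were generated."
  });
}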