import type { ApiRequest, ApiResponse } from '../_lib/types.js'
import { cors, withTelegramAuth } from '../_lib/auth.js'
import { findUserByTelegramId, getFullQuestState } from '../_lib/db.js'

async function handler(req: ApiRequest, res: ApiResponse) {
  cors(req, res)

  if (req.method === 'OPTIONS') {
    return res.status(200).end()
  }

  if (req.method !== 'GET') {
    return res.status(405).json({ error: 'Method not allowed' })
  }

  const telegramUser = req.telegramUser
  if (!telegramUser) {
    return res.status(401).json({ error: 'Not authenticated' })
  }

  const user = await findUserByTelegramId(telegramUser.id)
  if (!user) {
    return res.status(404).json({ error: 'User not found', code: 'USER_NOT_FOUND' })
  }

  const state = await getFullQuestState(user.id)
  if (!state) {
    return res.status(404).json({ error: 'No active quest', code: 'NO_ACTIVE_QUEST' })
  }

  return res.json(state)
}

export default withTelegramAuth(handler)