import { NextResponse } from "next/server"
import { getSession } from "@/server/session"
import { UserRole } from "@prisma/client"

export async function POST(req: Request) {
  const session = await getSession()
  const pending = session.portalPending
  if (!pending) {
    return NextResponse.json({ error: "NO_PENDING_SELECTION" }, { status: 400 })
  }

  const body = await req.json().catch(() => null)
  const clientId = String(body?.client_id ?? "").trim()
  if (!clientId) {
    return NextResponse.json({ error: "MISSING_CLIENT_ID" }, { status: 400 })
  }

  const client = pending.clients.find((c) => String(c.id) === clientId)
  if (!client) {
    return NextResponse.json({ error: "INVALID_CLIENT_ID" }, { status: 400 })
  }

  session.user = {
    id: `portal:${pending.contatoId}`,
    email: pending.email,
    name: pending.name ?? null,
    role: UserRole.CLIENT_VIEWER,
    tenantId: null,
    cnpj: client.cnpj ?? null,
  }
  session.portalPending = undefined
  await session.save()

  return NextResponse.json({ ok: true })
}