import { NextResponse } from "next/server";
import bcrypt from "bcryptjs";
import { prisma } from "../../../../lib/prisma";

export async function POST(req: Request) {
  try {
    const body = await req.json();
    const name = body.name as string;
    const email = body.email as string;
    const password = body.password as string;
    const slug = body.slug as string;

    if (!name || !email || !password || !slug) {
      return NextResponse.json(
        { error: "name, email, password, and slug are required." },
        { status: 400 }
      );
    }

    const existing = await prisma.user.findUnique({
      where: { email: email.toLowerCase() },
    });
    if (existing) {
      return NextResponse.json({ error: "Email already in use." }, { status: 409 });
    }

    const existingSlug = await prisma.store.findUnique({ where: { slug } });
    if (existingSlug) {
      return NextResponse.json({ error: "Slug already in use." }, { status: 409 });
    }

    const passwordHash = await bcrypt.hash(password, 10);

    await prisma.user.create({
      data: {
        name,
        email: email.toLowerCase(),
        passwordHash,
        role: "OWNER",
        store: {
          create: {
            slug,
            stripeAccountId: null, // Filled in when the user creates a Connect account.
          },
        },
      },
    });

    return NextResponse.json({ ok: true });
  } catch (err: any) {
    return NextResponse.json(
      { error: err?.message || "Failed to sign up." },
      { status: 500 }
    );
  }
}