import { NextRequest } from "next/server";
import { verifyPaypalWebhook } from "@/lib/billing/paypal";
import { handlePaypalEvent } from "@/lib/billing/webhooks/paypal";
import { alreadyProcessed, logWebhook } from "@/lib/billing/webhook-log";

export const dynamic = "force-dynamic";

const SIG_HEADERS = [
  "paypal-auth-algo",
  "paypal-cert-url",
  "paypal-transmission-id",
  "paypal-transmission-sig",
  "paypal-transmission-time",
];

export async function POST(req: NextRequest) {
  const body = await req.text();
  const headers: Record<string, string | undefined> = {};
  for (const h of SIG_HEADERS) headers[h] = req.headers.get(h) ?? undefined;

  const verified = await verifyPaypalWebhook(headers, body).catch(() => false);
  if (!verified) {
    console.error("[paypal webhook] verification failed");
    return new Response("Invalid signature", { status: 400 });
  }

  const event = JSON.parse(body) as { id?: string; event_type?: string };
  const eventId = event.id ?? `paypal_${Date.now()}`;
  if (event.id && (await alreadyProcessed(eventId))) return new Response("ok (duplicate)");

  try {
    await handlePaypalEvent(event as Parameters<typeof handlePaypalEvent>[0]);
    await logWebhook("paypal", eventId, event.event_type ?? "unknown", "processed");
  } catch (err) {
    console.error("[paypal webhook] handler error", err);
    await logWebhook("paypal", eventId, event.event_type ?? "unknown", "failed", err instanceof Error ? err.message : String(err));
    return new Response("Handler error", { status: 500 });
  }
  return new Response("ok");
}