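import { Readable } from "node:stream";
import { NextRequest } from "next/server";
import { prisma } from "@/lib/db";
import { rateLimit, LIMITS } from "@/lib/ratelimit";
import { storage } from "@/lib/storage";

export const dynamic = "force-dynamic";

/**
 * Best-effort client key for anonymous rate limiting.
 *
 * Prefers the leftmost hop of `X-Forwarded-For`, then `X-Real-IP`, then a
 * shared "anon" bucket. Both headers are client-controlled unless a trusted
 * proxy in front of this app overwrites them: in any other deployment the key
 * is spoofable (rate-limit bypass by rotating the header value) and unrelated
 * clients can be steered into each other's bucket. NOTE(review): confirm the
 * edge strips/sets these headers; otherwise key on the socket address instead.
 */
function clientKey(req: NextRequest): string {
  const forwardedFor = req.headers.get("x-forwarded-for");
  if (forwardedFor) {
    // Leftmost entry is the originating client as reported by the proxy chain.
    return forwardedFor.split(",")[0].trim();
  }
  return req.headers.get("x-real-ip") ?? "anon";
}

/** Inclusive byte window that can be served as 206 Partial Content. */
type ByteRange = { start: number; end: number };

/** Headers shared by the 200 and 206 responses. */
const MEDIA_HEADERS = {
  "Content-Type": "audio/mpeg",
  "Accept-Ranges": "bytes",
  // NOTE(review): `public` allows shared caches/CDNs to keep serving a share
  // for up to an hour after it has been disabled (the URL — i.e. the shareId —
  // is the cache key). Use `private` or a shorter max-age if prompt revocation
  // matters more than cache hit rate.
  "Cache-Control": "public, max-age=3600",
} as const;

/**
 * Parse a single-range `Range` header against a resource of `total` bytes.
 *
 * Follows RFC 9110 §14: only `bytes=` ranges are understood. A malformed
 * header, a multi-range set, or an invalid spec (last-byte-pos smaller than
 * first-byte-pos) is ignored, which the caller maps to a full 200 response. A
 * syntactically valid spec that cannot be satisfied (first-byte-pos >= total,
 * a zero-length suffix, or an empty resource) is reported as `"unsatisfiable"`
 * so the caller can answer 416 instead of silently shipping the whole file.
 *
 * @param header  raw `Range` header value, or null when absent
 * @param total   resource size in bytes
 * @returns the clamped inclusive range, `"unsatisfiable"`, or `null` to ignore
 */
function parseByteRange(
  header: string | null,
  total: number
): ByteRange | "unsatisfiable" | null {
  if (!header) return null;
  // Anchored and case-insensitive: `bytes=0-99,200-` (multi-range) no longer
  // silently serves just the first part — the header is ignored instead.
  const match = /^bytes=(\d*)-(\d*)$/i.exec(header.trim());
  if (!match) return null;
  const [, firstPos, lastPos] = match;
  if (firstPos === "" && lastPos === "") return null;

  // Nothing can be served from an empty resource, whatever the spec says.
  if (total <= 0) return "unsatisfiable";

  if (firstPos === "") {
    // Suffix form `bytes=-N`: the last N bytes, clamped to the whole file.
    const suffixLength = Number(lastPos);
    if (suffixLength === 0) return "unsatisfiable";
    return { start: Math.max(0, total - suffixLength), end: total - 1 };
  }

  const start = Number(firstPos);
  const requestedEnd = lastPos === "" ? Infinity : Number(lastPos);
  if (requestedEnd < start) return null; // invalid spec → ignore the header
  // Oversized first-byte-pos loses precision in Number; anything beyond
  // MAX_SAFE_INTEGER is past the end of any file we could serve anyway.
  if (!Number.isSafeInteger(start) || start >= total) return "unsatisfiable";
  return { start, end: Math.min(requestedEnd, total - 1) };
}

/**
 * Wrap a storage read stream (optionally a byte window) as a Response body.
 * The file is streamed off disk rather than buffered, so a large asset cannot
 * be used to amplify memory use per request.
 */
function bodyFromStorage(key: string, range?: ByteRange): BodyInit {
  const node = range
    ? storage().createReadStream!(key, { start: range.start, end: range.end })
    : storage().createReadStream!(key);
  return Readable.toWeb(node as Readable) as unknown as BodyInit;
}

/**
 * Stream an episode's MP3 to anonymous visitors, authorized purely by a valid
 * public `shareId` (NOT a session). Returns 404 when the share is unknown or
 * the audio is missing, so unknown and disabled shares are indistinguishable.
 *
 * NOTE(review): the lookup below matches on `shareId` alone and does not check
 * an "enabled" flag — the "still-enabled" guarantee holds only if the app
 * clears `shareId` when a share is disabled. Confirm against the share model.
 *
 * Supports single-range HTTP Range requests so the audio element can
 * seek/scrub; unsatisfiable ranges get 416 rather than the whole file.
 *
 * @param req     incoming request (Range header, client-IP headers)
 * @param params  route params carrying the public `shareId`
 * @returns 429 / 404 / 416 / 206 / 200 as described above
 */
export async function GET(
  req: NextRequest,
  { params }: { params: Promise<{ shareId: string }> }
) {
  // Throttle before touching the database so unauthenticated probing of
  // shareIds costs the caller more than it costs us. Keyed by client, never
  // by shareId alone, so one visitor cannot exhaust a share for everyone.
  const rl = await rateLimit("public-audio", clientKey(req), LIMITS.publicMedia);
  if (!rl.ok) {
    return new Response("Too many requests", {
      status: 429,
      headers: { "Retry-After": String(rl.retryAfterSec ?? 1) },
    });
  }

  const { shareId } = await params;
  const episode = await prisma.episode.findUnique({
    where: { shareId },
    select: { audioAsset: { select: { storageKey: true } } },
  });

  // Uniform 404 for unknown share, missing asset, and missing file on disk.
  const key = episode?.audioAsset?.storageKey;
  if (!key) return new Response("Not found", { status: 404 });

  const total = await storage().size(key);
  if (total === null) return new Response("Not found", { status: 404 });

  const range = parseByteRange(req.headers.get("range"), total);

  if (range === "unsatisfiable") {
    // RFC 9110 §15.5.17: tell the client the real size instead of sending it.
    return new Response(null, {
      status: 416,
      headers: { "Content-Range": `bytes */${total}`, "Accept-Ranges": "bytes" },
    });
  }

  if (range) {
    const { start, end } = range;
    return new Response(bodyFromStorage(key, range), {
      status: 206,
      headers: {
        ...MEDIA_HEADERS,
        "Content-Length": String(end - start + 1),
        "Content-Range": `bytes ${start}-${end}/${total}`,
      },
    });
  }

  return new Response(bodyFromStorage(key), {
    headers: { ...MEDIA_HEADERS, "Content-Length": String(total) },
  });
}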