import { NextResponse } from "next/server"

function getProvidedToken(request: Request) {
  const authHeader = request.headers.get("authorization") || ""
  const bearerToken = authHeader.startsWith("Bearer ")
    ? authHeader.slice("Bearer ".length).trim()
    : ""

  return request.headers.get("x-admin-token") || bearerToken
}

export function requireAdminToken(request: Request) {
  const configuredToken = process.env.ADMIN_API_TOKEN

  if (!configuredToken) {
    return NextResponse.json(
      { error: "Admin API is disabled." },
      { status: 503 }
    )
  }

  const providedToken = getProvidedToken(request)
  if (providedToken !== configuredToken) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 })
  }

  return null
}

export function isAdminUiEnabled() {
  return process.env.ADMIN_UI_ENABLED === "true"
}