import { NextResponse } from 'next/server'
import { supabase } from '@/lib/supabase'
import { galleryRatelimit, getClientIp, checkRateLimit } from '@/lib/ratelimit'
import { validateImageContentType, validateContentLength } from '@/lib/validation'

/**
 * Accepts a multipart upload in the `image` form field, stores it in the
 * `gallery` storage bucket, and responds with `{ imageUrl }` for the stored object.
 *
 * Checks run in this order:
 *  1. `validateContentLength(request, 20)` on the whole request,
 *  2. the gallery rate limiter, keyed on the value from `getClientIp`,
 *  3. `image` must be a `File` (400),
 *  4. `validateImageContentType(image.type)` must pass (400),
 *  5. `image.size` must not exceed 10 * 1024 * 1024 bytes (413).
 *
 * Anything thrown inside the handler, including a storage upload error, is
 * logged and answered with a generic 500 so internal details are not returned.
 *
 * @param request - Incoming request carrying multipart form data.
 * @returns JSON with `imageUrl` on success, the limiter's own `error` response
 *   when rate limited, or a JSON `{ error }` body with status 400, 413 or 500.
 */
export async function POST(request: Request) {
  const GALLERY_BUCKET = 'gallery'
  const MAX_IMAGE_BYTES = 10 * 1024 * 1024

  // Single place that shapes client-facing error responses.
  const fail = (message: string, status: number) =>
    NextResponse.json({ error: message }, { status })

  try {
    // Request-level size gate, run before the body is parsed.
    // NOTE(review): the unit of `20` is defined in '@/lib/validation' (presumably MB).
    // If this helper throws on oversize, the catch below answers 500 rather than 413 — confirm.
    validateContentLength(request, 20)

    // Throttle per client address before doing any body parsing or storage work.
    // NOTE(review): presumably getClientIp reads proxy-supplied headers; verify they
    // come from a trusted proxy, otherwise the limiter key is client-controlled.
    const clientIp = getClientIp(request)
    const rateLimit = await checkRateLimit(galleryRatelimit, clientIp)
    if (!rateLimit.success) return rateLimit.error

    const formData = await request.formData()
    const upload = formData.get('image')
    if (!(upload instanceof File)) {
      return fail('Image file required', 400)
    }

    // `upload.type` is the MIME type declared by the client for this form part;
    // the file bytes themselves are not inspected in this handler.
    if (!validateImageContentType(upload.type)) {
      return fail('Invalid image format', 400)
    }

    if (upload.size > MAX_IMAGE_BYTES) {
      return fail('Image too large (max 10MB)', 413)
    }

    // The object name is generated server-side; no client-supplied filename is used.
    // Math.random() is not a CSPRNG: the suffix only reduces collisions, it is not a secret.
    const timestamp = Date.now()
    const suffix = Math.random().toString(36).slice(2, 8)
    const objectName = `share-${timestamp}-${suffix}.png`

    // The stored content type is pinned to image/png whatever type the client declared.
    // NOTE(review): if validateImageContentType accepts non-PNG formats, the stored
    // object is labelled differently from its actual content — confirm this is intended.
    const uploadResult = await supabase.storage
      .from(GALLERY_BUCKET)
      .upload(objectName, upload, {
        contentType: 'image/png',
        cacheControl: '3600',
      })

    if (uploadResult.error) throw uploadResult.error

    const publicUrlResult = supabase.storage
      .from(GALLERY_BUCKET)
      .getPublicUrl(objectName)

    return NextResponse.json({ imageUrl: publicUrlResult.data.publicUrl })
  } catch (err) {
    // Full error stays in server logs; the client only sees a generic message.
    console.error('Share upload error:', err)
    return fail('Failed to prepare share image', 500)
  }
}
