import bcrypt from "bcryptjs";
import { NextResponse } from "next/server";
import { prisma } from "../../../lib/prisma";
import { isAdminEmail } from "../../../lib/auth";

export async function POST(request: Request) {
  const body = await request.json();
  const { email, name, password } = body || {};

  if (!email || !password) {
    return NextResponse.json({ error: "Email und Passwort sind erforderlich." }, { status: 400 });
  }

  const existing = await prisma.user.findUnique({ where: { email } });
  if (existing) {
    return NextResponse.json({ error: "Account existiert bereits." }, { status: 409 });
  }

  const passwordHash = await bcrypt.hash(password, 10);
  const user = await prisma.user.create({
    data: {
      email,
      name: name || null,
      passwordHash,
      role: isAdminEmail(email) ? "ADMIN" : "USER"
    }
  });

  return NextResponse.json({ id: user.id, email: user.email });
}