import { NextRequest, NextResponse } from 'next/server';
import { isAuthorized, unauthorized } from './auth';

type RouteContext = { params: Promise<Record<string, string>> };
type Handler = (req: NextRequest, ctx: RouteContext) => Promise<NextResponse>;

/**
 * Wraps a route handler with auth checking and unified error handling.
 *
 * @example
 * export const GET = withAuth(async (req) => {
 *   const rows = await pool.query('...');
 *   return NextResponse.json(rows);
 * });
 */
export function withAuth(handler: Handler): Handler {
  return async (req, ctx) => {
    if (!isAuthorized(req)) return unauthorized();
    try {
      return await handler(req, ctx);
    } catch (err) {
      console.error(err);
      return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
    }
  };
}