import { saveSermonNote, getUserByUsername } from '~/server/utils/database'
import { getAuthCookie } from '~/server/utils/auth'

export default defineEventHandler(async (event) => {
  const username = getAuthCookie(event)
  
  if (!username) {
    throw createError({
      statusCode: 401,
      message: 'Unauthorized'
    })
  }

  const user = getUserByUsername(username)
  
  if (!user) {
    throw createError({
      statusCode: 401,
      message: 'User not found'
    })
  }

  const sermonId = parseInt(event.context.params?.sermonId || '')
  const body = await readBody(event)
  const { notes } = body
  
  if (isNaN(sermonId)) {
    throw createError({
      statusCode: 400,
      message: 'Invalid sermon ID'
    })
  }

  if (typeof notes !== 'string') {
    throw createError({
      statusCode: 400,
      message: 'Notes must be a string'
    })
  }

  try {
    saveSermonNote(user.id!, sermonId, notes)
    return { success: true }
  } catch (error) {
    throw createError({
      statusCode: 500,
      message: 'Failed to save notes'
    })
  }
})