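import { createSermon, getUserByUsername } from '~/server/utils/database'
import { getSessionUsername } from '~/server/utils/auth'

/**
 * Admin-only endpoint that creates a sermon from the request body.
 *
 * Checks run in this order: session (401), admin flag (403), body shape and
 * required fields (400), then the insert through `createSermon` (500 on
 * failure). `created_by` comes from the authenticated session, never from
 * the request body.
 */
export default defineEventHandler(async (event) => {
  // Authentication: without a session username the caller is not logged in.
  const username = await getSessionUsername(event)
  if (!username) {
    throw createError({
      statusCode: 401,
      message: 'Unauthorized'
    })
  }

  // Authorization: only a user record with is_admin strictly equal to 1 passes.
  // NOTE(review): getUserByUsername is called without `await`. If it is async,
  // `user` is a Promise and this check always answers 403 (fails closed).
  // Confirm it is synchronous.
  const user = getUserByUsername(username)
  if (!user || user.is_admin !== 1) {
    throw createError({
      statusCode: 403,
      message: 'Forbidden - Admin access required'
    })
  }

  const body = await readBody(event)

  // A missing or `null` body would make the destructuring below throw a
  // TypeError outside the try/catch; reject it as a client error instead.
  if (body === null || typeof body !== 'object') {
    throw createError({
      statusCode: 400,
      message: 'All fields are required'
    })
  }

  const {
    slug,
    title,
    date,
    dates,
    bible_references,
    personal_appliance,
    pastors_challenge,
    worship_songs
  } = body

  // Presence check only (truthiness); `dates` and `worship_songs` are optional.
  // NOTE(review): value types are not validated here, so whatever the client
  // sent is handed to createSermon as-is. Confirm createSermon binds these
  // values as query parameters and rejects unexpected shapes.
  if (!slug || !title || !date || !bible_references || !personal_appliance || !pastors_challenge) {
    throw createError({
      statusCode: 400,
      message: 'All fields are required'
    })
  }

  try {
    createSermon({
      slug,
      title,
      date,
      dates,
      bible_references,
      personal_appliance,
      pastors_challenge,
      worship_songs,
      created_by: username
    })

    return {
      success: true,
      message: 'Sermon created successfully'
    }
  } catch (error: unknown) {
    // NOTE(review): the error text from createSermon is relayed to the client.
    // The caller is an authenticated admin, but if that text can carry storage
    // details, log it server-side and return only the generic message.
    const detail = error instanceof Error ? error.message : ''
    throw createError({
      statusCode: 500,
      message: detail || 'Failed to create sermon'
    })
  }
})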