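// app/api/admin/route.ts
// Admin back-office API entry point.
import { createHash, timingSafeEqual } from 'node:crypto'
import { NextRequest, NextResponse } from 'next/server'

// Secrets are read from the server environment instead of being committed in
// source. The three variable names below are introduced by this file and must
// be set in the deployment configuration:
//   ADMIN_API_TOKEN  - bearer token accepted by GET and returned by POST
//   ADMIN_USERNAME   - administrator login name
//   ADMIN_PASSWORD   - administrator password
// If any of them is missing the handlers fail closed (401).
//
// TODO: this is still a single long-lived shared token and a plaintext
// password comparison. Replace with per-session, expiring tokens and a salted
// password hash, and put rate limiting / lockout in front of POST.

// Responses here carry admin data or a bearer token; keep them out of caches.
const NO_STORE = { 'Cache-Control': 'no-store' }

/**
 * Compares two secrets without short-circuiting on the first differing byte.
 * Both sides are hashed first so timingSafeEqual always receives buffers of
 * equal length, whatever the caller supplied.
 */
function safeEqual(supplied: string, expected: string): boolean {
  const a = createHash('sha256').update(supplied).digest()
  const b = createHash('sha256').update(expected).digest()
  return timingSafeEqual(a, b)
}

/**
 * Checks the request's Authorization header against the configured admin token.
 *
 * @param req Incoming request; only the Authorization header is read.
 * @returns true only when the header has the form `Bearer <token>` and the
 *          token matches ADMIN_API_TOKEN; false otherwise, including when the
 *          token is not configured.
 */
function verifyAdmin(req: NextRequest) {
  const expected = process.env.ADMIN_API_TOKEN
  if (!expected) {
    // Fail closed: without a configured token nobody is an admin.
    return false
  }

  // Require the Bearer scheme at the start of the header rather than
  // stripping the first "Bearer " found anywhere in the value.
  const match = /^Bearer\s+(\S+)\s*$/i.exec(req.headers.get('Authorization') ?? '')
  const supplied = match?.[1]
  if (!supplied) {
    return false
  }

  return safeEqual(supplied, expected)
}

/**
 * GET: returns the back-office overview.
 *
 * Responds 401 unless verifyAdmin accepts the request. The figures below are
 * literals in this file, not values read from a data store.
 */
export async function GET(req: NextRequest) {
  if (!verifyAdmin(req)) {
    return NextResponse.json(
      { error: '未授权访问' },
      { status: 401 }
    )
  }

  // Overview data for every module.
  const overview = {
    content: {
      totalChapters: 65,
      totalWords: 120000,
      publishedChapters: 60,
      draftChapters: 5,
      lastUpdate: new Date().toISOString()
    },
    payment: {
      totalRevenue: 12800.50,
      todayRevenue: 560.00,
      totalOrders: 128,
      todayOrders: 12,
      averagePrice: 100.00
    },
    referral: {
      totalReferrers: 45,
      activeReferrers: 28,
      totalCommission: 11520.45,
      paidCommission: 8500.00,
      pendingCommission: 3020.45
    },
    users: {
      totalUsers: 1200,
      purchasedUsers: 128,
      activeUsers: 456,
      todayNewUsers: 23
    }
  }

  return NextResponse.json(overview, { headers: NO_STORE })
}

/**
 * POST: administrator login.
 *
 * Expects a JSON object with string `username` and `password` fields.
 * Responds 400 when the body is not parseable JSON, 401 when the credentials
 * are missing, wrong, or not configured on the server, and otherwise returns
 * the admin token with a user record.
 */
export async function POST(req: NextRequest) {
  let body: unknown
  try {
    body = await req.json()
  } catch {
    // Malformed JSON used to surface as an unhandled exception.
    return NextResponse.json(
      { error: '请求体格式错误' },
      { status: 400 }
    )
  }

  // The body is untrusted: it may be null, an array or a primitive, and the
  // fields may be of any type. Anything that is not a string is rejected.
  const fields = typeof body === 'object' && body !== null
    ? (body as Record<string, unknown>)
    : {}
  const username = typeof fields.username === 'string' ? fields.username : undefined
  const password = typeof fields.password === 'string' ? fields.password : undefined

  const adminUsername = process.env.ADMIN_USERNAME
  const adminPassword = process.env.ADMIN_PASSWORD
  const adminToken = process.env.ADMIN_API_TOKEN

  if (!adminUsername || !adminPassword || !adminToken) {
    // Fail closed, and tell the operator (not the client) why.
    console.error('admin login rejected: ADMIN_USERNAME, ADMIN_PASSWORD or ADMIN_API_TOKEN is not set')
  } else if (username !== undefined && password !== undefined) {
    // Evaluate both comparisons before combining them, so the response time
    // does not reveal whether the username alone was correct.
    const usernameOk = safeEqual(username, adminUsername)
    const passwordOk = safeEqual(password, adminPassword)

    if (usernameOk && passwordOk) {
      return NextResponse.json(
        {
          success: true,
          token: adminToken,
          user: {
            id: 'admin',
            username: adminUsername,
            role: 'admin',
            name: '卡若'
          }
        },
        { headers: NO_STORE }
      )
    }
  }

  // One generic message for every failure, so the response does not say
  // which part of the login was wrong.
  return NextResponse.json(
    { error: '用户名或密码错误' },
    { status: 401 }
  )
}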