import { jsonResponse, errorResponse } from '../utils/cors'

// WebMCP token storage (in-memory)
let pendingWebMCPToken: { token: string; createdAt: Date } | null = null

export async function handleWebMCPToken(req: Request) {
  if (req.method === 'GET') {
    if (pendingWebMCPToken) {
      // Check if token is not expired (5 minutes)
      const age = Date.now() - pendingWebMCPToken.createdAt.getTime()
      if (age < 5 * 60 * 1000) {
        return jsonResponse({
          token: pendingWebMCPToken.token,
          createdAt: pendingWebMCPToken.createdAt.toISOString()
        })
      }
      // Token expired
      pendingWebMCPToken = null
    }
    return jsonResponse({ token: null })
  }

  if (req.method === 'POST') {
    const body = await req.json()
    if (body.token) {
      pendingWebMCPToken = {
        token: body.token,
        createdAt: new Date()
      }
      console.log('[WebMCP] Token received and stored')
      return jsonResponse({ success: true })
    }
    return errorResponse('Token required', 400)
  }

  if (req.method === 'DELETE') {
    pendingWebMCPToken = null
    return jsonResponse({ success: true })
  }

  return null
}