/**
 * POST /api/debug/blocklist/update
 * Block or unblock a JID
 */
import { baileysManager } from '../../../services/baileys/manager'

export default defineEventHandler(async (event) => {
  const username = getHeader(event, 'x-authentik-username')
  if (!username) {
    throw createError({ statusCode: 401, message: 'Unauthorized' })
  }

  const body = await readBody(event)
  const { instanceId, jid, action } = body

  if (!instanceId) {
    throw createError({ statusCode: 400, message: 'instanceId is required' })
  }

  if (!jid) {
    throw createError({ statusCode: 400, message: 'jid is required' })
  }

  if (!action || !['block', 'unblock'].includes(action)) {
    throw createError({ statusCode: 400, message: 'action must be "block" or "unblock"' })
  }

  const socket = baileysManager.getSocket(instanceId)
  if (!socket) {
    throw createError({ statusCode: 400, message: 'Instance not connected' })
  }

  try {
    await socket.updateBlockStatus(jid, action)
    return { success: true, message: `User ${action}ed successfully` }
  } catch (error) {
    throw createError({
      statusCode: 500,
      message: `Failed to ${action} user: ${(error as Error).message}`
    })
  }
})