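import { auth } from '@/app/api/auth/[...nextauth]/route';
import { prismaAuth } from './db';

/**
 * Check if the current user is an admin.
 *
 * Resolution order:
 *  1. No session, or a session without a user id: not an admin.
 *  2. The session already carries an `isAdmin` value: that value decides.
 *  3. Otherwise the user row is read from the database; an explicitly
 *     inactive user is never an admin, else the stored `isAdmin` flag decides.
 *
 * The check fails closed: any error while resolving the session or querying
 * the database is logged and reported as "not an admin".
 *
 * @returns `true` only when the current user is positively identified as an admin.
 */
export async function isAdmin(): Promise<boolean> {
  try {
    const session = await auth();

    if (!session?.user?.id) {
      return false;
    }

    // Fast path: use the flag carried by the session, avoiding a DB query.
    // NOTE(review): this path trusts the session's isAdmin value and, unlike
    // the database path below, never looks at isActive. If the session value
    // is only populated at sign-in (not visible from this file; confirm in the
    // auth callbacks), a demoted or deactivated account keeps admin rights
    // until its session is refreshed. Confirm the session is re-validated or
    // invalidated on role/status changes, or verify a positive claim against
    // the database before granting access.
    if (session.user.isAdmin !== undefined) {
      return session.user.isAdmin === true;
    }

    // Fallback: the session has no isAdmin value, so ask the database.
    // The id must be purely decimal digits. parseInt() would accept a value
    // such as "12abc" as 12 and look up a different user's row, so anything
    // that is not an exact integer is rejected instead.
    const rawId = session.user.id;
    if (!/^\d+$/.test(rawId)) {
      return false;
    }
    const userId = Number(rawId);
    if (!Number.isSafeInteger(userId)) {
      return false;
    }

    const user = await prismaAuth.user.findUnique({
      where: { id: userId },
      select: { isAdmin: true, isActive: true },
    });

    // Only an explicit `isActive === false` revokes admin rights; a
    // null/undefined isActive is treated as active.
    if (user?.isActive === false) {
      return false;
    }

    // A missing user row or a null flag both resolve to "not an admin".
    return user?.isAdmin ?? false;
  } catch (error: unknown) {
    // Deny on failure rather than letting an auth/DB error grant access.
    console.error('[isAdmin] Error checking admin status:', error);
    return false;
  }
}

/**
 * Check if the current user can approve identifications (admin only).
 *
 * Delegates to {@link isAdmin}, so it shares that function's fail-closed
 * behaviour.
 *
 * @returns `true` when the current user is an admin.
 */
export async function canApproveIdentifications(): Promise<boolean> {
  return isAdmin();
}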