import { NextRequest, NextResponse } from "next/server";
import { getSessionUser } from "@/lib/session";
import { getPackageDef } from "@/lib/packages";
import {
  getDefaultSoulMd,
  getDefaultAgentsMd,
  generateToolsMd,
} from "@/lib/workspace-defaults";

/**
 * GET /api/workspace-defaults?packages=telegram,web-search
 * Returns default content for SOUL.md, AGENTS.md, and TOOLS.md.
 * Used by the onboarding wizard to pre-fill textareas.
 *
 * orgName is always resolved from the authenticated session — never
 * accepted as a query parameter.
 */
export async function GET(req: NextRequest) {
  const user = await getSessionUser();
  if (!user) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  }

  // Always use the session org name — not a client-supplied parameter
  const orgName = user.orgName || "Your Company";

  const packagesParam = req.nextUrl.searchParams.get("packages") || "";
  const packages = packagesParam
    ? packagesParam.split(",").filter((id) => id && getPackageDef(id))
    : [];

  const [soulMd, agentsMd, toolsMd] = await Promise.all([
    getDefaultSoulMd(orgName),
    getDefaultAgentsMd(),
    generateToolsMd(packages),
  ]);

  return NextResponse.json({ soulMd, agentsMd, toolsMd });
}