// app/api/me/route.ts
import { NextResponse } from "next/server";

function readCookie(name: string, cookieHeader: string) {
    const m = cookieHeader.match(new RegExp(`(?:^|;\\s*)${name}=([^;]+)`));
    return m?.[1] ?? null;
}

export async function GET(req: Request) {
    const base = process.env.NEXT_PUBLIC_API_BASE_URL!;
    // include username so the form can show it
    const url = `${base}/users/me?fields=id,username,display_name,first_name,last_name,email`;

    const cookieHeader = req.headers.get("cookie") ?? "";
    const ma_at = readCookie("ma_at", cookieHeader);

    const headers: Record<string, string> = { "cache-control": "no-store" };
    if (cookieHeader) headers.cookie = cookieHeader;
    if (ma_at) headers.authorization = `Bearer ${ma_at}`;

    const res = await fetch(url, { headers, cache: "no-store" });
    const body = await res.json().catch(() => ({}));

    return new NextResponse(JSON.stringify(body), {
        status: res.status,
        headers: {
            "content-type": "application/json",
            "cache-control": "no-store",
        },
    });
}