import jwt from 'jsonwebtoken'

export default defineEventHandler(async (event) => {
  try {
    const token = getCookie(event, 'auth-token') || getHeader(event, 'authorization')?.replace('Bearer ', '')

    if (!token) {
      throw createError({
        statusCode: 401,
        statusMessage: '인증 토큰이 없습니다.'
      })
    }

    // JWT 토큰 검증
    const decoded = jwt.verify(token, 'your-secret-key') as any

    return {
      success: true,
      user: {
        id: decoded.id,
        user_id: decoded.user_id,
        name: decoded.name,
        role_level: decoded.role_level
      }
    }

  } catch (error) {
    console.error('Token verification error:', error)
    throw createError({
      statusCode: 401,
      statusMessage: '유효하지 않은 토큰입니다.'
    })
  }
})