ember-market-frontend/app/api/auth/check/route.ts

import { NextRequest, NextResponse } from 'next/server';

export async function GET(req: NextRequest) {
  try {
    // Check for Authorization in headers first, then fall back to cookies
    let token = req.headers.get('Authorization')?.replace('Bearer ', '');
    
    // If not in headers, check cookies
    if (!token) {
      token = req.cookies.get('Authorization')?.value;
      console.log('Auth check: Token from cookies');
    } else {
      console.log('Auth check: Token from headers');
    }
    
    if (!token) {
      console.log('Auth check failed: No Authorization token found');
      return NextResponse.json(
        { error: 'No authorization token found' },
        { status: 401 }
      );
    }
    
    console.log('Auth check: Token found -', token.substring(0, 15) + '...');
    
    const apiUrl = process.env.SERVER_API_URL || 'https://internal-api.inboxi.ng/api';
    console.log(`Auth check: Calling external API: ${apiUrl}/auth/me`);
    
    const res = await fetch(`${apiUrl}/auth/me`, {
      method: 'GET',
      headers: {
        'Content-Type': 'application/json',
        'Authorization': `Bearer ${token}`
      },
      cache: 'no-store'
    });
    
    console.log('Auth check: External API response status:', res.status);
    
    if (!res.ok) {
      try {
        const errorData = await res.json();
        console.log('Auth check failed:', {
          status: res.status, 
          statusText: res.statusText,
          body: errorData
        });
      } catch {
        const errorText = await res.text().catch(() => 'No response body');
        console.log('Auth check failed:', {
          status: res.status, 
          statusText: res.statusText,
          body: errorText
        });
      }
      
      return NextResponse.json(
        { error: 'Authentication failed', details: res.statusText },
        { status: res.status }
      );
    }
    
    const data = await res.json();
    console.log('Auth check succeeded:', { userId: data._id || 'unknown' });
    return NextResponse.json(data);
    
  } catch (error) {
    console.error('Auth check error:', error);
    return NextResponse.json(
      { 
        error: 'Failed to validate authentication', 
        details: error instanceof Error ? error.message : String(error)
      },
      { status: 500 }
    );
  }
}