import { NextApiResponse } from 'next';
import { AuthenticatedRequest } from '../../../../../../lib/middleware/authMiddleware';
import { requireAdmin } from '../../../../../../lib/middleware/adminMiddleware';
import { UserService } from '../../../../../../backend/services/userService';

export default async function handler(req: AuthenticatedRequest, res: NextApiResponse) {
    if (req.method !== 'POST') {
        return res.status(405).json({ success: false, error: 'Method not allowed' });
    }

    // Require admin authentication
    const isAdmin = await requireAdmin(req, res);
    if (!isAdmin) {
        return;
    }

    const { id } = req.query;

    if (typeof id !== 'string') {
        return res.status(400).json({ success: false, error: 'Invalid user ID' });
    }

    try {
        const updatedUser = await UserService.toggleUserStatus(id);
        return res.status(200).json({ success: true, data: updatedUser });
    } catch (error) {
        console.error('Error toggling user status:', error);
        return res.status(500).json({ success: false, error: 'Failed to toggle user status' });
    }
}