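import { getUsers } from '../../../modules/auth/user'
import type { User } from '../../../modules/auth/types'
import { verifyToken } from '../../../utils/jwt'

/**
 * Admin-only user listing endpoint.
 *
 * Requires an `Authorization: Bearer <token>` header whose verified payload
 * has `type === 'access'` and `role === 'admin'`. Accepts two optional query
 * filters, `roleId` (integer) and `status` (string), and returns an explicit
 * projection of each user record.
 *
 * @throws 401 when the bearer header is missing or malformed.
 * @throws 403 when the token payload is falsy, is not an access token, or
 *   does not carry the admin role.
 * @throws 400 when `roleId` or `status` is present but not a usable scalar.
 */
export default defineEventHandler(async (event) => {
  const authorization = getHeader(event, 'authorization')
  if (!authorization || !authorization.startsWith('Bearer ')) {
    throw createError({ statusCode: 401, message: '请先登录' })
  }

  // Strip the 7-character "Bearer " prefix to obtain the raw token.
  const payload = verifyToken(authorization.substring(7))

  // The `type` check keeps any non-access token (whatever other types the
  // issuer mints) from being accepted here.
  // NOTE(review): a falsy payload from verifyToken is also answered with 403
  // rather than 401; kept as-is because clients may depend on the status code.
  // NOTE(review): the admin decision rests solely on the role claim in the
  // token. If verifyToken does not consult the user store, a demoted or
  // disabled admin keeps access until the token expires — confirm.
  if (!payload || payload.type !== 'access' || payload.role !== 'admin') {
    throw createError({ statusCode: 403, message: '需要管理员权限' })
  }

  const query = getQuery(event)

  // Query values are caller-controlled and may arrive as arrays (repeated
  // parameter) or as non-numeric text. Reject those up front instead of
  // handing NaN or an array to the data layer.
  let roleId: number | undefined
  if (query.roleId) {
    roleId = typeof query.roleId === 'string' || typeof query.roleId === 'number'
      ? Number(query.roleId)
      : Number.NaN
    if (!Number.isSafeInteger(roleId)) {
      throw createError({ statusCode: 400, message: 'roleId 参数无效' })
    }
  }

  let status: string | undefined
  if (query.status !== undefined && query.status !== null) {
    if (typeof query.status !== 'string') {
      throw createError({ statusCode: 400, message: 'status 参数无效' })
    }
    status = query.status
  }

  const users = getUsers({ roleId, status })

  // Explicit allow-list projection: only the fields named here leave the
  // server, so any other column on the User record is not exposed.
  const data = users.map((u: User) => ({
    id: u.id,
    username: u.username,
    email: u.email,
    realName: u.real_name,
    avatar: u.avatar,
    roleId: u.role_id,
    roleName: u.role_name,
    status: u.status,
    lastLogin: u.last_login,
    createdAt: u.created_at
  }))

  return { success: true, data }
})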