import { verifyToken } from '../../utils/jwt'
import { getUserById } from '../../modules/auth/user'

// Scheme prefix expected at the start of the Authorization header.
// The comparison below is case-sensitive.
const BEARER_PREFIX = 'Bearer '

/**
 * Returns the profile of the user identified by the bearer access token.
 *
 * Outcomes, in the order they are checked:
 *   401 - Authorization header missing or not starting with "Bearer "
 *   401 - token rejected by verifyToken, or its payload type is not 'access'
 *   404 - getUserById finds nothing for payload.userId
 *   403 - the user's status is anything other than 'active'
 *   otherwise `{ success: true, data: {...} }` with the fields listed below
 */
export default defineEventHandler(async (event) => {
  const authorization = getHeader(event, 'authorization')
  if (!authorization?.startsWith(BEARER_PREFIX)) {
    // Message: "not logged in"
    throw createError({ statusCode: 401, message: '未登录' })
  }

  // NOTE(review): this assumes verifyToken signals an invalid or expired token
  // by returning a falsy value; if it throws instead, the error leaves this
  // handler unconverted rather than becoming the 401 below. Confirm in utils/jwt.
  const claims = verifyToken(authorization.slice(BEARER_PREFIX.length))

  // Only payloads typed 'access' are accepted; any other token type is refused.
  if (claims?.type !== 'access') {
    // Message: "invalid access token"
    throw createError({ statusCode: 401, message: '无效的访问令牌' })
  }

  // NOTE(review): getUserById is called without await, so it is assumed to be
  // synchronous. If it returns a Promise, the checks below would not be looking
  // at the user record. Confirm in modules/auth/user.
  const account = getUserById(claims.userId)
  if (!account) {
    // Message: "user does not exist"
    throw createError({ statusCode: 404, message: '用户不存在' })
  }

  // Account status is re-checked on every request, so an account that is no
  // longer 'active' is refused even when the presented token still verifies.
  if (account.status !== 'active') {
    // Message: "account has been disabled"
    throw createError({ statusCode: 403, message: '账户已被禁用' })
  }

  // Explicit allow-list: only these fields of the user record are returned.
  const {
    id,
    username,
    email,
    real_name: realName,
    avatar,
    role_name: role,
    permissions,
    last_login: lastLogin,
    created_at: createdAt
  } = account

  return {
    success: true,
    data: { id, username, email, realName, avatar, role, permissions, lastLogin, createdAt }
  }
})