import { NextRequest, NextResponse } from "next/server"
import { cookies } from "next/headers"

export async function POST(req: NextRequest) {
  const { email, password, name } = await req.json()
  
  if (!email || !password) {
    return NextResponse.json({ error: "Email and password required" }, { status: 400 })
  }

  // In production: hash password, store in DB
  // For MVP: create user in backend DB, set cookie
  try {
    const res = await fetch(`${process.env.API_URL || "http://localhost:8000"}/users`, {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify({ user_id: email.split("@")[0], email, name })
    })
    
    if (!res.ok) {
      return NextResponse.json({ error: "Failed to create user" }, { status: 500 })
    }

    const cookieStore = await cookies()
    cookieStore.set("autojobs_user", email.split("@")[0], {
      httpOnly: true,
      secure: process.env.NODE_ENV === "production",
      sameSite: "lax",
      maxAge: 60 * 60 * 24 * 30 // 30 days
    })

    return NextResponse.json({ status: "ok" })
  } catch {
    return NextResponse.json({ error: "Server error" }, { status: 500 })
  }
}