import { NextRequest, NextResponse } from "next/server";
import { db } from "@/lib/db";
import { getServerSession } from "next-auth";
import { authOptions } from "@/lib/auth";

export async function GET() {
  const matches = await db.match.findMany({
    include: {
      homeTeam: true,
      awayTeam: true,
      gameweek: true,
    },
    orderBy: { matchDate: "asc" },
  });
  return NextResponse.json(matches);
}

export async function POST(req: NextRequest) {
  const session = await getServerSession(authOptions);
  if (!session || (session.user as any).role !== "ADMIN")
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });

  const body = await req.json();
  const match = await db.match.create({
    data: {
      ...body,
      matchDate: new Date(body.matchDate),
    },
    include: { homeTeam: true, awayTeam: true },
  });
  return NextResponse.json(match, { status: 201 });
}