import { NextResponse } from "next/server";
import { db } from "@/lib/db";
import { cookies } from "next/headers";
import { verifyToken } from "@/lib/auth";

export async function GET() {
  try {
    const cookieStore = await cookies();
    const token = cookieStore.get("token")?.value;

    if (!token) {
      return NextResponse.json({ error: "Sesión no válida" }, { status: 401 });
    }

    const decoded: any = verifyToken(token);
    
    if (!decoded || decoded.role !== 'leader') {
      return NextResponse.json({ error: "Acceso denegado" }, { status: 403 });
    }

    const leaderId = decoded.id;

    // LÓGICA: 
    // m.leader_id = 8 (Tu ID)
    // m.status = 'review'
    // JOIN con users para traer el full_name del brigadista que lo creó (m.created_by)
    const [reviewRows]: any = await db.query(
      `SELECT 
        m.*, 
        u.full_name as brigadist_name
      FROM militants m
      INNER JOIN users u ON m.created_by = u.id
      WHERE m.status = 'review' 
      AND m.leader_id = ?
      ORDER BY m.updated_at DESC`,
      [leaderId]
    );

    return NextResponse.json(reviewRows);

  } catch (error) {
    console.error("LEADER_REVIEWS_GET_ERROR:", error);
    return NextResponse.json({ error: "Error interno del servidor" }, { status: 500 });
  }
}