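import { NextResponse } from "next/server";
import { z } from "zod";
import {
  AUTOTRADE_API_ERROR_CODE,
  createAutotradeErrorResponse,
  getAutotradeUserId,
  readJsonBody,
} from "@/app/api/autotrade/_shared";
import { buildRiskEnvelope } from "@/lib/autotrade/risk";

/**
 * Shape of the JSON body accepted by the risk-validation endpoint.
 *
 * Every field must be a finite number. The balance and the two percent
 * fields may be zero; the two amount fields must be strictly positive.
 *
 * `.finite()` is spelled out because, depending on the installed zod major
 * version (TODO confirm), a bare `z.number()` may accept `Infinity`, and a
 * JSON numeric literal that overflows a double parses to `Infinity`
 * (assuming `readJsonBody` uses standard JSON parsing). Infinite balances
 * or limits must not reach the risk calculation.
 *
 * NOTE(review): the percent fields have no upper bound here. If they are
 * meant to lie in 0-100 (or 0-1), add the matching `.max(...)` once the
 * unit expected by `buildRiskEnvelope` is confirmed.
 */
const validateRequestSchema = z.object({
  cashBalance: z.number().finite().nonnegative(),
  allocationPercent: z.number().finite().nonnegative(),
  allocationAmount: z.number().finite().positive(),
  dailyLossPercent: z.number().finite().nonnegative(),
  dailyLossAmount: z.number().finite().positive(),
});

/**
 * POST handler: validates the caller's risk settings and returns the
 * envelope computed by `buildRiskEnvelope`.
 *
 * Flow:
 * 1. Resolve the user from the request headers; reply 401 `AUTH_REQUIRED`
 *    when no user id is returned.
 * 2. Read the JSON body and check it against `validateRequestSchema`;
 *    reply 400 `INVALID_REQUEST` when it does not match.
 * 3. Reply with `{ ok: true, validation }` built from the parsed data.
 *
 * @param request - Incoming HTTP request; headers carry the auth context,
 *   the body carries the risk inputs.
 * @returns The error response produced by `createAutotradeErrorResponse`,
 *   or a JSON response with the computed validation.
 */
export async function POST(request: Request) {
  // The user id only gates access here; it is not used further in this handler.
  const userId = await getAutotradeUserId(request.headers);
  if (!userId) {
    return createAutotradeErrorResponse({
      status: 401,
      code: AUTOTRADE_API_ERROR_CODE.AUTH_REQUIRED,
      message: "로그인이 필요합니다.",
    });
  }

  // The body is untrusted: only the schema-parsed copy (`parsed.data`) is
  // passed on, never `rawBody` itself.
  const rawBody = await readJsonBody(request);
  const parsed = validateRequestSchema.safeParse(rawBody);

  if (!parsed.success) {
    // NOTE(review): the validator's own message for the first issue is sent
    // to the client without the field path, so the caller cannot tell which
    // field failed. The literal below is only the fallback.
    const firstIssueMessage = parsed.error.issues[0]?.message;
    return createAutotradeErrorResponse({
      status: 400,
      code: AUTOTRADE_API_ERROR_CODE.INVALID_REQUEST,
      message: firstIssueMessage ?? "검증 입력값이 올바르지 않습니다.",
    });
  }

  return NextResponse.json({
    ok: true,
    validation: buildRiskEnvelope(parsed.data),
  });
}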