import { NextResponse } from 'next/server'
import { sessionRepo } from '@/lib/database/repositories/session.repo'
import { messageRepo } from '@/lib/database/repositories/message.repo'
import { isAuthError, requireUser, requireWorkspaceWriteAccess } from '@/lib/auth/session'

/**
 * POST /api/sessions/:id/clear — Delete all messages in a session.
 */
export async function POST(_req: Request, { params }: { params: Promise<{ id: string }> }) {
  let user
  try { user = await requireUser() } catch (err) { if (isAuthError(err)) return err; throw err }
  const { id } = await params

  const session = sessionRepo.findByIdAndUser(id, user.id)
  if (!session) {
    return NextResponse.json({ error: 'Session not found' }, { status: 404 })
  }
  if (session.workspace) {
    try { await requireWorkspaceWriteAccess(session.workspace) } catch (err) { if (isAuthError(err)) return err; throw err }
  }

  messageRepo.deleteBySession(id)
  return NextResponse.json({ ok: true })
}
