namespace Tango.Portal.Chat.Web.Alerts
{
    public class AzureAlertsHandler
    {
        private const string SecretHeader = "X-Alerts-Secret";
        private readonly string? _secret;

        public AzureAlertsHandler(String? secret)
        {
            _secret = secret;
        }

        public async Task<IResult> HandleAlert(HttpRequest req)
        {
            if (string.IsNullOrEmpty(_secret))
                return Results.StatusCode(StatusCodes.Status500InternalServerError);

            if (!req.Headers.TryGetValue(SecretHeader, out var provided) || provided.Count == 0 || provided[0] != _secret)
                return Results.Unauthorized();

            using var reader = new StreamReader(req.Body);
            var body = await reader.ReadToEndAsync();

            // TODO: we’ll validate auth + forward to n8n in next steps
            Console.WriteLine($"Alert received: {body.Length} bytes");
            return Results.Ok(new { ok = true });
        }
    }
}