import { NextRequest, NextResponse } from "next/server";
import { existsSync, createReadStream, statSync } from "fs";
import { join } from "path";
import { auth } from "@/lib/auth";
import { Readable } from "stream";

export const dynamic = "force-dynamic";

const BACKUP_DIR = "/home/minecraft/server/backups";

export async function GET(req: NextRequest) {
  const session = await auth();
  if (!session) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
  }

  const name = req.nextUrl.searchParams.get("name");
  if (!name || !name.endsWith(".tar.gz") || name.includes("/") || name.includes("..")) {
    return NextResponse.json({ error: "Invalid name" }, { status: 400 });
  }

  const filePath = join(BACKUP_DIR, name);
  if (!existsSync(filePath)) {
    return NextResponse.json({ error: "Backup not found" }, { status: 404 });
  }

  const stat = statSync(filePath);
  const stream = createReadStream(filePath);
  const webStream = Readable.toWeb(stream) as ReadableStream;

  return new Response(webStream, {
    headers: {
      "Content-Type": "application/gzip",
      "Content-Disposition": `attachment; filename="${name}"`,
      "Content-Length": stat.size.toString(),
    },
  });
}