/** @type {import('./$types').RequestHandler} */

import { json } from '@sveltejs/kit';

export async function POST({ request }) {
  const { code } = await request.json()

  if (!code) {
    return json({
      message: `No code provided`,
    }, {
      status: 400
    })
  }

  const first_space_host = process.env.SPACE_HOST?.split(',')[0] ?? process.env.SPACE_HOST

  const REDIRECT_URI = `https://${first_space_host}/login/callback`;
  const Authorization = `Basic ${Buffer.from(
    `${process.env.OAUTH_CLIENT_ID}:${process.env.OAUTH_CLIENT_SECRET}`
  ).toString("base64")}`;

  const request_auth = await fetch("https://huggingface.co/oauth/token", {
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
      Authorization,
    },
    body: new URLSearchParams({
      grant_type: "authorization_code",
      code: code,
      redirect_uri: REDIRECT_URI,
    }),
  });

  const { access_token } = await request_auth.json();

  if (!access_token) {
    return json({
      message: `No access token provided`,
    }, {
      status: 400
    })
  }

  return json({
    ok: true,
    token: access_token
  })
}