import { getDb } from '../utils/db.js'
import { requireAuth } from '../utils/authHelpers.js'

export default defineEventHandler(async (event) => {
  const user = requireAuth(event)
  if (user.role !== 'admin' && user.role !== 'leader') {
    throw createError({ statusCode: 403, message: 'Forbidden' })
  }
  const { all } = await getDb()
  const rows = await all('SELECT id, identifier, role, auth_provider FROM users ORDER BY identifier')
  return rows.map(r => ({ id: r.id, identifier: r.identifier, role: r.role, auth_provider: r.auth_provider ?? 'local' }))
})