import { requireAuth } from '../../../utils/authHelpers.js'
import { getLiveSession } from '../../../utils/liveSessions.js'
import { getTransport } from '../../../utils/mediasoup.js'

export default defineEventHandler(async (event) => {
  requireAuth(event) // Verify authentication
  const body = await readBody(event).catch(() => ({}))
  const { sessionId, transportId, dtlsParameters } = body

  if (!sessionId || !transportId || !dtlsParameters) {
    throw createError({ statusCode: 400, message: 'sessionId, transportId, and dtlsParameters required' })
  }

  const session = getLiveSession(sessionId)
  if (!session) {
    throw createError({ statusCode: 404, message: 'Session not found' })
  }
  // Note: Both publisher and viewers can connect their own transports
  // The transportId ensures they can only connect transports they created

  const transport = getTransport(transportId)
  if (!transport) {
    throw createError({ statusCode: 404, message: 'Transport not found' })
  }

  try {
    await transport.connect({ dtlsParameters })
    return { connected: true }
  }
  catch (err) {
    console.error('[connect-transport] Transport connect failed:', transportId, err.message || err)
    throw createError({ statusCode: 500, message: err.message || 'Transport connect failed' })
  }
})