import { NextResponse } from 'next/server';
import { ZodError } from 'zod';

export function successResponse<T>(data: T, status = 200) {
  return NextResponse.json(data, { status });
}

export function errorResponse(message: string, details?: any, status = 500) {
  console.error(`[API ERROR] ${message}`, details);
  // En production, nous devrions éviter d'exposer les détails techniques complets
  const env = process.env.NODE_ENV || 'development';
  const errorDetails = env === 'development' ? details : undefined;
  
  return NextResponse.json(
    { error: message, details: errorDetails }, 
    { status }
  );
}

export function validationErrorResponse(error: ZodError) {
  const errors = error.errors.map(e => ({
    field: e.path.join('.'),
    message: e.message
  }));
  return NextResponse.json(
    { error: "Données invalides", details: errors },
    { status: 400 }
  );
}

export function unauthorizedResponse(message = "Non autorisé") {
  return NextResponse.json({ error: message }, { status: 401 });
}

export function forbiddenResponse(message = "Accès refusé") {
  return NextResponse.json({ error: message }, { status: 403 });
}

export function notFoundResponse(message = "Ressource introuvable") {
  return NextResponse.json({ error: message }, { status: 404 });
}