CapaKraken/apps/web/src/app/api/cron/public-holidays/route.ts

import { NextResponse } from "next/server";
import { prisma } from "@capakraken/db";
import { autoImportPublicHolidays } from "@capakraken/api";

export const dynamic = "force-dynamic";
export const runtime = "nodejs";

/**
 * GET /api/cron/public-holidays?year=2027
 *
 * Auto-imports public holidays for all active resources for a given year.
 * Each resource's federal state determines which state-specific holidays apply.
 * Duplicate-safe: existing holidays are skipped.
 *
 * Query params:
 *   - year (optional): defaults to next year
 *
 * Optionally protected with CRON_SECRET environment variable.
 * When set, requests must include `Authorization: Bearer <secret>`.
 */
export async function GET(request: Request) {
  const cronSecret = process.env["CRON_SECRET"];
  if (cronSecret) {
    const auth = request.headers.get("authorization");
    if (auth !== `Bearer ${cronSecret}`) {
      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
    }
  }

  const { searchParams } = new URL(request.url);
  const yearParam = searchParams.get("year");
  const year = yearParam ? parseInt(yearParam, 10) : new Date().getFullYear() + 1;

  if (isNaN(year) || year < 2000 || year > 2100) {
    return NextResponse.json(
      { error: "Invalid year parameter. Must be between 2000 and 2100." },
      { status: 400 },
    );
  }

  try {
    const result = await autoImportPublicHolidays(prisma, year);

    return NextResponse.json({
      ok: true,
      year: result.year,
      holidaysCreated: result.holidaysCreated,
      resourcesProcessed: result.resourcesProcessed,
      skippedExisting: result.skippedExisting,
    });
  } catch (error) {
    console.error("[cron/public-holidays] Error:", error);
    return NextResponse.json(
      { ok: false, error: "Internal error" },
      { status: 500 },
    );
  }
}