import { confirmProtectedDeviceInstalled } from "../../../db/protectedDevices";

/**
 * POST /api/devices/:id/confirm-installed
 *
 * User klickt "Installiert" in der App nach dem Profil-Download.
 * Setzt installedAt = NOW() und status = "active".
 *
 * Auth: requireUser + ownership (confirmProtectedDeviceInstalled prüft userId).
 */
export default defineEventHandler(async (event) => {
  const user = await requireUser(event);
  const id = getRouterParam(event, "id");
  if (!id) throw createError({ statusCode: 400, data: { error: "ID_REQUIRED" } });

  const updated = await confirmProtectedDeviceInstalled(id, user.id);

  if (!updated) {
    throw createError({
      statusCode: 404,
      data: { error: "DEVICE_NOT_FOUND_OR_REVOKED" },
    });
  }

  return { success: true, data: { status: updated.status, installedAt: updated.installedAt } };
});