import { NextResponse } from "next/server";
import prisma from "@/lib/prisma";
import { randomBytes } from "crypto";

export async function POST(req: Request) {
  const { nickname } = await req.json();
  if (!nickname) return NextResponse.json({ error: "nickname required" }, { status: 400 });
  const user = await prisma.user.findUnique({ where: { nickname } });
  if (!user) return NextResponse.json({ ok: true });
  const token = randomBytes(24).toString("hex");
  const expiresAt = new Date(Date.now() + 1000 * 60 * 30); // 30분
  await prisma.passwordResetToken.create({
    data: { userId: user.userId, token, expiresAt },
  });
  // 실제로는 이메일 발송 필요. 여기선 토큰을 반환(데모)
  return NextResponse.json({ ok: true, token });
}