import { NextResponse } from 'next/server';
import * as nodemailer from 'nodemailer';

export async function POST(req: Request) {
  try {
    const { name, email, company, message, website } = await req.json();

    // Honeypot check
    if (website) {
      console.log('Spam detected (honeypot)');
      return NextResponse.json({ message: 'Ok' });
    }

    // Validation
    if (!name || name.length < 2 || name.length > 100) {
      return NextResponse.json({ error: 'Ungültiger Name' }, { status: 400 });
    }
    if (!email || !/^\S+@\S+\.\S+$/.test(email)) {
      return NextResponse.json({ error: 'Ungültige E-Mail' }, { status: 400 });
    }
    if (!message || message.length < 20 || message.length > 4000) {
      return NextResponse.json({ error: 'Nachricht zu kurz oder zu lang' }, { status: 400 });
    }

    const transporter = nodemailer.createTransport({
      host: process.env.SMTP_HOST,
      port: parseInt(process.env.SMTP_PORT || '587'),
      secure: process.env.SMTP_SECURE === 'true',
      auth: {
        user: process.env.SMTP_USER,
        pass: process.env.SMTP_PASS,
      },
    });

    await transporter.sendMail({
      from: process.env.SMTP_FROM,
      to: process.env.CONTACT_RECIPIENT,
      replyTo: email,
      subject: `Kontaktanfrage von ${name}`,
      text: `
Name: ${name}
Firma: ${company || 'Nicht angegeben'}
E-Mail: ${email}
Zeitpunkt: ${new Date().toISOString()}

Nachricht:
${message}
      `,
    });

    return NextResponse.json({ message: 'Ok' });
  } catch (error) {
    console.error('SMTP Error:', error);
    return NextResponse.json({ error: 'Interner Serverfehler' }, { status: 500 });
  }
}