import { createApi } from "@garage/api"
import { getAuthCookies, getWorkspaceContext } from "@/modules/auth/auth.actions"

/**
 * Returns an authenticated API client for server-side use (server actions, RSC).
 *
 * Server-side calls bypass the /api/proxy route — the server already has
 * cookie access and can talk to the workspace's repareenew install directly.
 * Browser-side code should use the singleton `api` from @garage/api, which
 * defaults to baseUrl="/api/proxy" and gets workspace context from cookies
 * via the proxy route.
 */
export const getAuthApi = async () => {
    const { token } = await getAuthCookies()
    const { apiBase, workspaceUuid } = await getWorkspaceContext()

    const headers: Record<string, string> = {}
    if (token) headers.Authorization = `Bearer ${token}`
    if (workspaceUuid) headers["X-Workspace-UUID"] = workspaceUuid

    return createApi({
        baseUrl: apiBase,
        headers: Object.keys(headers).length ? headers : undefined,
    })
}