import { getUserFromToken } from '../../../utils/auth.js'

export default defineEventHandler(async (event) => {
  const token = getCookie(event, 'auth_token')
  const user = token ? await getUserFromToken(token) : null

  if (!user) {
    throw createError({ statusCode: 401, statusMessage: 'Nicht authentifiziert' })
  }

  const passkeys = Array.isArray(user.passkeys) ? user.passkeys : []

  return {
    success: true,
    passkeys: passkeys.map(pk => ({
      id: pk.id,
      name: pk.name || 'Passkey',
      credentialId: pk.credentialId,
      createdAt: pk.createdAt || null,
      lastUsedAt: pk.lastUsedAt || null,
      deviceType: pk.deviceType || null,
      backedUp: pk.backedUp ?? null
    }))
  }
})