breakpilot-pwa/website/app/api/content/route.ts

/**
 * Content API Route
 *
 * GET: Laedt aktuellen Website-Content
 * POST: Speichert geaenderten Content (Admin only)
 */

import { NextRequest, NextResponse } from 'next/server'
import { getContent, saveContent, WebsiteContent } from '@/lib/content'

// GET - Content laden
export async function GET() {
  try {
    const content = getContent()
    return NextResponse.json(content)
  } catch (error) {
    console.error('Error loading content:', error)
    return NextResponse.json(
      { error: 'Failed to load content' },
      { status: 500 }
    )
  }
}

// POST - Content speichern
export async function POST(request: NextRequest) {
  try {
    // Einfache Admin-Pruefung via Header oder Query
    // In Produktion: JWT/Session-basierte Auth
    const adminKey = request.headers.get('x-admin-key')
    const expectedKey = process.env.ADMIN_API_KEY || 'breakpilot-admin-2024'

    if (adminKey !== expectedKey) {
      return NextResponse.json(
        { error: 'Unauthorized' },
        { status: 401 }
      )
    }

    const content: WebsiteContent = await request.json()

    // Validierung
    if (!content.hero || !content.features || !content.faq || !content.pricing) {
      return NextResponse.json(
        { error: 'Invalid content structure' },
        { status: 400 }
      )
    }

    const result = saveContent(content)

    if (result.success) {
      return NextResponse.json({ success: true, message: 'Content saved' })
    } else {
      return NextResponse.json(
        { error: result.error || 'Failed to save content' },
        { status: 500 }
      )
    }
  } catch (error) {
    console.error('Error saving content:', error)
    return NextResponse.json(
      { error: error instanceof Error ? error.message : 'Failed to save content' },
      { status: 500 }
    )
  }
}