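/**
 * Google OAuth 2.0 callback route.
 *
 * Reads `code` / `error` from the query string, exchanges the authorization
 * code at Google's token endpoint, fetches the user's profile with the
 * returned access token, and redirects back to `/`.
 *
 * Every failure path redirects to `/?error=...`; nothing is thrown to the
 * caller.
 *
 * @param {object} req - Request object; only `req.query` is read.
 * @param {object} res - Response object; only `res.redirect(url)` is called.
 * @returns {Promise<*>} Resolves once a redirect has been issued.
 */
export default async function handler(req, res) {
  const { code, error } = req.query;

  if (error) {
    return res.redirect('/?error=google_auth_failed');
  }

  // A repeated `code` parameter arrives as an array; accept a single
  // non-empty string only, so nothing unexpected is forwarded to Google.
  if (typeof code !== 'string' || code === '') {
    return res.redirect('/?error=no_code');
  }

  // NOTE(review): no `state` value is verified in this handler. If the
  // authorization request sends one, compare it here with the value bound to
  // the browser session before exchanging the code, so a callback that this
  // session did not start is rejected.

  try {
    const baseUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';

    // Exchange the authorization code for tokens.
    const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      body: new URLSearchParams({
        client_id: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID,
        client_secret: process.env.GOOGLE_CLIENT_SECRET,
        code,
        grant_type: 'authorization_code',
        redirect_uri: `${baseUrl}/api/auth/callback/google`,
      }),
    });
    const tokenData = await tokenResponse.json();

    // Check the HTTP status and the presence of a token, not just the `error`
    // field, so a malformed or partial response is never used as a credential.
    if (!tokenResponse.ok || tokenData.error || !tokenData.access_token) {
      throw new Error(
        tokenData.error_description ?? tokenData.error ?? 'token exchange failed',
      );
    }

    // Fetch the user's profile with the access token.
    const userResponse = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
      headers: {
        Authorization: `Bearer ${tokenData.access_token}`,
      },
    });
    const userData = await userResponse.json();

    // A rejected userinfo call returns an error body; without this check that
    // body would be forwarded below as a successful login.
    if (!userResponse.ok || !userData || userData.error) {
      throw new Error('userinfo request failed');
    }

    // Here you would typically:
    // 1. Check if user exists in your database
    // 2. Create or update user record
    // 3. Create session/token
    // 4. Redirect to dashboard

    // Demo only: the profile travels in the query string, so it ends up in
    // browser history, access logs and Referer headers, and any visitor can
    // build the same URL by hand. The page receiving it must not treat it as
    // proof of authentication; replace this with a server-side session set in
    // an HttpOnly cookie before real use.
    const userParam = encodeURIComponent(JSON.stringify(userData));
    return res.redirect(`/?google_login_success=true&user=${userParam}`);
  } catch (err) {
    console.error('Google auth error:', err);
    return res.redirect('/?error=google_auth_failed');
  }
}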