import { cookies } from 'next/headers';

export function getAuthPayload(request?: Request): { userId: number; role: string } | null {
  try {
    let token = cookies().get('access_token')?.value;
    
    // Ignore literal string "undefined" or "null" from cookies
    if (token === 'undefined' || token === 'null') {
      token = undefined;
    }

    if (!token && request) {
      const authHeader = request.headers.get('Authorization');
      if (authHeader?.startsWith('Bearer ')) {
        const headerToken = authHeader.substring(7);
        if (headerToken !== 'undefined' && headerToken !== 'null') {
          token = headerToken;
        }
      }
    }
    
    if (!token) return null;
    const parts = token.split('.');
    if (parts.length !== 3) return null;
    return JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch {
    return null;
  }
}
