import { NextRequest, NextResponse } from "next/server" import { getSessionUser } from "@/lib/auth" import { chatWithAI } from "@/lib/ai" export async function POST(request: NextRequest) { try { const user = await getSessionUser() if (!user) return NextResponse.json({ error: "Unauthorized" }, { status: 401 }) if (!["sales", "admin", "super_admin"].includes(user.role)) { return NextResponse.json({ error: "Forbidden" }, { status: 403 }) } const { message } = await request.json() if (!message || typeof message !== "string") { return NextResponse.json({ error: "Message is required" }, { status: 400 }) } // Forward the JWT from the session cookie to the Rust backend const sessionCookie = request.cookies.get("session")?.value if (!sessionCookie) return NextResponse.json({ error: "No session" }, { status: 401 }) const response = await chatWithAI(message, sessionCookie) return NextResponse.json({ response }) } catch (error) { console.error("AI chat error:", error) return NextResponse.json({ error: "AI service unavailable" }, { status: 503 }) } }