import { NextResponse } from 'next/server';
import { getPublicCaptchaConfig } from '@/lib/captcha-server';

export const dynamic = 'force-dynamic';

/**
 * Exposes the active CAPTCHA configuration to the <Captcha /> client component —
 * a secret-free projection of Shopware's `core.basicInformation.activeCaptchasV2`
 * (site keys + flags only, never secret keys).
 */
export async function GET() {
  try {
    const config = await getPublicCaptchaConfig();
    return NextResponse.json(config, { headers: { 'Cache-Control': 'no-store' } });
  } catch {
    // Fail safe: no CAPTCHA rather than blocking forms if admin API is down.
    return NextResponse.json({
      honeypot: false,
      basicCaptcha: false,
      googleReCaptchaV2: null,
      googleReCaptchaV3: null,
    });
  }
}