import { NextResponse } from 'next/server';
import { getStorefrontSecuritySettings } from '@/lib/shopware-admin';

export const dynamic = 'force-dynamic';

/**
 * Exposes the storefront-relevant "Security and Privacy" settings (read from the
 * Admin API) to client components: the contact form's required fields and the
 * cookie-consent banner behaviour.
 */
export async function GET() {
  try {
    const settings = await getStorefrontSecuritySettings();
    return NextResponse.json(settings, {
      headers: { 'Cache-Control': 'no-store' },
    });
  } catch {
    // Fail safe: don't force extra required fields, keep the default banner.
    return NextResponse.json({
      firstNameFieldRequired: false,
      lastNameFieldRequired: false,
      phoneNumberFieldRequired: false,
      useDefaultCookieConsent: true,
      acceptAllCookies: false,
    });
  }
}