export default defineEventHandler(async (event) => {
  console.log('📊 Admin stats requested at:', new Date().toISOString());
  
  try {
    // Check if user is admin (middleware should handle this, but double-check)
    const sessionManager = createSessionManager();
    const cookieHeader = getHeader(event, 'cookie');
    const session = sessionManager.getSession(cookieHeader);
    
    if (!session || session.user.tier !== 'admin') {
      console.warn('🚨 Unauthorized admin stats access attempt');
      throw createError({
        statusCode: 403,
        statusMessage: 'Admin access required'
      });
    }
    
    console.log('✅ Admin access verified for user:', session.user.email);
    
    // For now, return improved mock data - TODO: integrate with real data sources
    const stats = {
      totalUsers: 156, // TODO: Get from Keycloak API
      activeUsers: 45, // TODO: Get from session store
      totalSessions: 67, // TODO: Get from session store
      systemHealth: 'healthy',
      lastBackup: new Date().toISOString(),
      diskUsage: '45%',
      memoryUsage: '62%',
      recentActivity: [
        { 
          action: 'User login', 
          user: 'john@example.com', 
          timestamp: new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString(),
          type: 'info'
        },
        { 
          action: 'Password reset', 
          user: 'jane@example.com', 
          timestamp: new Date(Date.now() - 4 * 60 * 60 * 1000).toISOString(),
          type: 'warning'
        },
        { 
          action: 'User created', 
          user: 'admin@monacousa.org', 
          timestamp: new Date(Date.now() - 6 * 60 * 60 * 1000).toISOString(),
          type: 'success'
        }
      ],
      systemMetrics: {
        cpu: 45,
        memory: 62,
        disk: 38,
        uptime: '5d 12h 30m'
      },
      securityAlerts: [
        {
          id: 1,
          title: 'Failed Login Attempts',
          description: '3 failed login attempts detected',
          severity: 'medium',
          timestamp: new Date(Date.now() - 1 * 60 * 60 * 1000).toISOString()
        },
        {
          id: 2,
          title: 'System Update Available',
          description: 'Security update available for Keycloak',
          severity: 'low',
          timestamp: new Date(Date.now() - 12 * 60 * 60 * 1000).toISOString()
        }
      ]
    };
    
    console.log('✅ Admin stats retrieved successfully');
    return stats;
    
  } catch (error: any) {
    console.error('❌ Admin stats error:', error);
    
    if (error.statusCode) {
      throw error;
    }
    
    throw createError({
      statusCode: 500,
      statusMessage: 'Failed to retrieve system statistics'
    });
  }
});