export default defineEventHandler(async (event) => {
  console.log('📊 Simple admin stats requested at:', new Date().toISOString());
  
  try {
    // Check if user is admin
    const sessionManager = createSessionManager();
    const cookieHeader = getHeader(event, 'cookie');
    const session = sessionManager.getSession(cookieHeader);
    
    if (!session || session.user.tier !== 'admin') {
      console.warn('🚨 Unauthorized admin stats access attempt');
      throw createError({
        statusCode: 403,
        statusMessage: 'Admin access required'
      });
    }
    
    console.log('✅ Admin access verified for user:', session.user.email);
    
    // Return simple user-focused stats without system metrics
    const stats = {
      // Simple user count (mock data for now - would come from Keycloak API)
      userCount: 25,
      
      // Basic portal health without system metrics
      portalStatus: 'online',
      lastUpdate: new Date().toISOString()
    };
    
    console.log('✅ Simple admin stats retrieved successfully');
    return stats;
    
  } catch (error: any) {
    console.error('❌ Admin stats error:', error);
    
    if (error.statusCode) {
      throw error;
    }
    
    throw createError({
      statusCode: 500,
      statusMessage: 'Failed to retrieve admin statistics'
    });
  }
});