function cors(request) {
  const origin = request.headers.get("Origin") || "*";
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Methods": "GET,POST,OPTIONS",
    "Access-Control-Allow-Headers": "Content-Type, Authorization",
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

export default {
  async fetch(request, env) {
    const url = new URL(request.url);
    const headers = cors(request);

    if (request.method === "OPTIONS") {
      return new Response(null, { status: 204, headers });
    }

    if (url.pathname === "/") {
      return new Response("API OK", { status: 200, headers });
    }

    // ✅ UPLOAD: acepta cualquier body (FormData o lo que sea)
    if (url.pathname === "/upload" && request.method === "POST") {
      try {
        // intenta formData (si viene de <form>)
        let fileName = null;
        let category = null;

        const ct = request.headers.get("content-type") || "";
        if (ct.includes("multipart/form-data")) {
          const fd = await request.formData();
          const file = fd.get("file") || fd.get("photo") || fd.get("image") || fd.get("receipt");
          category = fd.get("category") || fd.get("categoria") || "unknown";
          fileName = file?.name || null;
        }

        // guarda algo mínimo en D1 para confirmar
        await env.DB.prepare(`
          CREATE TABLE IF NOT EXISTS receipts (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            category TEXT,
            filename TEXT,
            created_at TEXT
          )
        `).run();

        await env.DB.prepare(
          "INSERT INTO receipts (category, filename, created_at) VALUES (?, ?, datetime('now'))"
        ).bind(String(category || "unknown"), String(fileName || "nofile")).run();

        return new Response(
          JSON.stringify({ ok: true, category: category || "unknown", filename: fileName }),
          { status: 200, headers: { ...headers, "Content-Type": "application/json" } }
        );
      } catch (e) {
        return new Response(
          JSON.stringify({ ok: false, error: e.message }),
          { status: 500, headers: { ...headers, "Content-Type": "application/json" } }
        );
      }
    }

    // ✅ receipts.csv
    if (url.pathname === "/receipts.csv" && request.method === "GET") {
      const { results } = await env.DB.prepare(
        "SELECT id, category, filename, created_at FROM receipts ORDER BY id DESC LIMIT 100"
      ).all();

      const csv =
        "id,category,filename,created_at\n" +
        results.map(r => `${r.id},${r.category},${r.filename},${r.created_at}`).join("\n");

      return new Response(csv, {
        status: 200,
        headers: { ...headers, "Content-Type": "text/csv" },
      });
    }

    return new Response("Not found", { status: 404, headers });
  },
};