import { NextRequest, NextResponse } from 'next/server' import prisma from '@/lib/prisma' import bcrypt from 'bcryptjs' import { createMobileToken } from '@/lib/mobile-auth' export async function POST(req: NextRequest) { try { const { email, password } = await req.json() if (!email || !password) { return NextResponse.json({ error: 'Email et mot de passe requis' }, { status: 400 }) } const user = await prisma.user.findUnique({ where: { email: email.toLowerCase().trim() }, select: { id: true, name: true, email: true, password: true, subscription: { select: { tier: true } }, }, }) if (!user?.password) { return NextResponse.json({ error: 'Identifiants invalides' }, { status: 401 }) } const valid = await bcrypt.compare(password, user.password) if (!valid) { return NextResponse.json({ error: 'Identifiants invalides' }, { status: 401 }) } const token = createMobileToken(user.id) return NextResponse.json({ token, user: { id: user.id, name: user.name, email: user.email, tier: user.subscription?.tier ?? 'BASIC', }, }) } catch (e) { console.error('[mobile/auth/login]', e) return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 }) } }