apps/web/src/app/api/uploads/init/route.ts

import { uploadInitRequestSchema } from "@tenderhub/schemas";
import { createUploadSession } from "@/lib/state/tender-store";
import { fail, ok } from "@/lib/http";
import { withRateLimit } from "@/lib/http/rate-limit";
import { resolveRequestIdentity } from "@/lib/request-identity";
import { trackEvent, AnalyticsEvents } from "@/lib/monitoring";

async function handler(request: Request) {
  const payload = await request.json().catch(() => null);
  const parsed = uploadInitRequestSchema.safeParse(payload);
  if (!parsed.success) {
    return fail("Invalid upload init payload", 400, parsed.error.flatten());
  }

  let identity;
  try {
    identity = await resolveRequestIdentity();
  } catch (error) {
    return fail(
      "Missing request identity",
      401,
      error instanceof Error ? error.message : "Invalid identity"
    );
  }

  try {
    const session = await createUploadSession(parsed.data, identity);
    
    await trackEvent(AnalyticsEvents.TENDER_UPLOADED, {
      organizationId: identity.organizationId,
      fileName: parsed.data.fileName,
      fileSize: parsed.data.fileSize,
    });
    
    return ok(session, 201);
  } catch (error) {
    return fail(
      "Failed to initialize upload session",
      500,
      error instanceof Error ? error.message : "Unknown error"
    );
  }
}

export const POST = withRateLimit(handler, "upload");