api/archive/segments.js

import { verifyOwnerToken } from '../_owner-auth.js';
import { getConfig } from '../../lib/config.js';
import { segmentVideoByKey } from '../../services/archive/segment-video.js';

function setCors(res) {
  res.setHeader('Access-Control-Allow-Credentials', 'true');
  res.setHeader('Access-Control-Allow-Origin', '*');
  res.setHeader('Access-Control-Allow-Methods', 'POST,OPTIONS');
  res.setHeader('Access-Control-Allow-Headers', 'Authorization, Content-Type');
}

function requireOwner(req) {
  const authHeader = req.headers.authorization || '';
  const token = authHeader.startsWith('Bearer ') ? authHeader.slice(7) : '';
  const cfg = getConfig();
  const auth = verifyOwnerToken(token, cfg.ownerLoginPassword);

  if (!auth.valid) {
    const error = new Error('Unauthorized');
    error.status = 401;
    throw error;
  }
}

export default async function handler(req, res) {
  setCors(res);

  if (req.method === 'OPTIONS') {
    return res.status(200).end();
  }

  if (req.method !== 'POST') {
    return res.status(405).json({ message: 'Method not allowed' });
  }

  try {
    requireOwner(req);

    const videoKey = String(req.body?.video_key || '').trim();
    if (!videoKey) {
      return res.status(400).json({ message: 'Body must include { video_key }' });
    }

    const result = await segmentVideoByKey(videoKey);
    return res.status(200).json(result);
  } catch (error) {
    return res.status(Number(error?.status) || 500).json({
      message: error?.message || 'Failed to segment video',
    });
  }
}