const express = require("express");
const router = express.Router();
const db = require("../database/database");
const auth = require("../middleware/auth");

router.post("/", auth, async (req, res) => {
  const userId = req.session.user.id;

  const { slot, itemId, itemLevelId } = req.body;

  if (!slot) {
    return res.status(400).json({ error: "Slot fehlt" });
  }

  try {
    await db.query(
      `
      INSERT INTO avatar_equipment
      (user_id,slot,item_id,item_level_id)
      VALUES (?,?,?,?)
      ON DUPLICATE KEY UPDATE
        item_id = VALUES(item_id),
        item_level_id = VALUES(item_level_id)
    `,
      [userId, slot, itemId || null, itemLevelId || null],
    );

    res.json({ success: true });
  } catch (err) {
    console.error("Equip Fehler:", err);
    res.status(500).json({ error: "DB Fehler" });
  }
});

module.exports = router;