import { NextRequest, NextResponse } from "next/server";
import { getCurrentUser } from "@/lib/auth";
import { queryRaw } from "@/lib/db";

export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
  const user = await getCurrentUser(req);
  if (!user) return NextResponse.json({ error: "Unauthorized" }, { status: 403 });

  const { id } = await params;
  const existing = await queryRaw<{ id: number }>(
    `SELECT id FROM budgets WHERE id = $1 AND owner_id = $2`,
    [Number(id), user.id]
  );
  if (!existing.length) return NextResponse.json({ error: "Not found" }, { status: 404 });

  await queryRaw(`DELETE FROM budgets WHERE id = $1`, [Number(id)]);
  return NextResponse.json({ ok: true });
}