import BoardPost from '../../../models/boardPost.js'
import { requireAuth } from '../../../utils/auth.js'

export default defineEventHandler(async (event) => {
  const member = await requireAuth(event)
  const id = getRouterParam(event, 'id')

  const post = await BoardPost.findById(id)
  if (!post) {
    throw createError({ statusCode: 404, statusMessage: 'Post not found' })
  }

  if (post.author.toString() !== member._id.toString()) {
    throw createError({ statusCode: 403, statusMessage: 'Not authorized to delete this post' })
  }

  await post.deleteOne()

  return { success: true }
})