import { createClient } from "@supabase/supabase-js";

const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
const supabaseServiceKey = process.env.SUPABASE_SERVICE_ROLE_KEY;

if (!supabaseUrl || !supabaseAnonKey) {
  throw new Error("Missing Supabase environment variables");
}

const requiredSupabaseUrl = supabaseUrl as string;
const requiredSupabaseAnonKey = supabaseAnonKey as string;

// Client for browser/client-side use (uses anon key)
export const supabase = createClient(requiredSupabaseUrl, requiredSupabaseAnonKey);

// Admin client for server-side operations (uses service role key)
// This bypasses RLS and should only be used in server contexts
export function getServiceSupabase() {
  if (!supabaseServiceKey) {
    throw new Error("SUPABASE_SERVICE_ROLE_KEY is not set");
  }
  return createClient(requiredSupabaseUrl, supabaseServiceKey as string, {
    auth: {
      autoRefreshToken: false,
      persistSession: false,
    },
  });
}