const genSlug=l=>[...Array(l)].map(()=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"[Math.random()*62|0]).join(""),R=new Set(["api","dash","admin","login","logout","signin","signup","register","account","settings","profile","password","user","users","link","links","url","urls","robots","sitemap","favicon","well-known","assets","static","img","js","css","public"]);export async function onRequestPost({request:r,env:e}){try{const{'g-recaptcha-response':t,...b}=await r.json(),v=await fetch("https://www.google.com/recaptcha/api/siteverify",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:`secret=${e.RECAPCHA_KEY}&response=${t}`}).then(r=>r.json());if(!v.success)return new Response("CAPTCHA verification failed.",{status:403});const{destination_url:d,slug:s,username:u,pass_hash:h}=b;if(!d||!u||!h)return new Response("Missing fields",{status:400});const a=await e.D1_EV.prepare("SELECT pass_hash, custom_slugs FROM users WHERE username = ?").bind(u).first();if(a?.pass_hash!==h)return new Response("Invalid credentials",{status:401});let i=s;if(i){if(R.has(i.toLowerCase())||!/^[a-zA-Z0-9-]{3,32}$/.test(i)||await e.KV_EV.get(i))return new Response("Invalid or taken slug",{status:400})}else{do{i=genSlug(6)}while(await e.KV_EV.get(i))}let o=d.startsWith("http")?d:`https://${d}`;try{new URL(o)}catch{return new Response("Invalid destination URL",{status:400})}const n=o.replace(/^https?:\/\//,"");let p;try{p=JSON.parse(a.custom_slugs)}catch(r){}const c=Array.isArray(p)?p:[];c.push(i);await Promise.all([e.KV_EV.put(i,n),e.D1_EV.prepare("UPDATE users SET custom_slugs = ? WHERE username = ?").bind(JSON.stringify(c),u).run()]);return Response.json({slug:i},{status:201})}catch(r){return new Response(r.message,{status:500})}}