import { NextResponse } from 'next/server';
import { getOrCreateCsrfToken } from '@/lib/csrf';

export const dynamic = 'force-dynamic';

/**
 * GET /api/csrf
 * Returns a CSRF token for the current session
 */
export async function GET() {
  const token = getOrCreateCsrfToken();

  return NextResponse.json({ csrfToken: token });
}