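from datetime import timedelta

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.exc import IntegrityError
from sqlalchemy.orm import Session

from ..config import settings
from ..db import get_db
from ..dependencies import (
    create_access_token,
    get_password_hash,
    verify_password,
)
from ..models import User, UserRole
from ..schemas import Token, UserCreate, UserLogin, UserOut

router = APIRouter()


def _find_user_by_email(db: Session, email: str):
    """Return the first User row whose email equals *email*, or None."""
    return db.query(User).filter(User.email == email).first()


@router.post("/register", response_model=UserOut)
def register(payload: UserCreate, db: Session = Depends(get_db)):
    """Create a new account with the USER role and return it."""
    # NOTE(review): the 400 below confirms to any caller that an address is
    # registered. That is a deliberate trade-off in many apps; keep it in mind
    # if account enumeration matters for this one.
    if _find_user_by_email(db, payload.email):
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Email already registered",
        )

    # The role is fixed server-side; nothing from the payload can select it.
    user = User(
        email=payload.email,
        password_hash=get_password_hash(payload.password),
        role=UserRole.USER,
    )
    db.add(user)
    try:
        db.commit()
    except IntegrityError:
        # Two concurrent requests for the same email can both pass the lookup
        # above. If the database rejects the second insert, answer with the
        # same 400 instead of an unhandled 500.
        # NOTE(review): this only helps if User.email carries a unique
        # constraint, which is not visible here. Without one, the race
        # creates duplicate accounts. Confirm against the model.
        db.rollback()
        if _find_user_by_email(db, payload.email):
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Email already registered",
            ) from None
        # Some other constraint failed; do not mislabel it as a duplicate.
        raise
    db.refresh(user)
    return user


@router.post("/login", response_model=Token)
def login(payload: UserLogin, db: Session = Depends(get_db)):
    """Check email and password and return a bearer access token."""
    user = _find_user_by_email(db, payload.email)
    # One message for both "unknown email" and "wrong password", so the
    # response body does not reveal which accounts exist.
    # NOTE(review): the `or` short-circuits, so verify_password is skipped for
    # unknown emails and response time may still differ between the two
    # cases. Verifying against a fixed dummy hash in the not-found branch
    # would even that out. No attempt limiting is visible in this module
    # either; confirm it is enforced elsewhere.
    if not user or not verify_password(payload.password, user.password_hash):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect email or password",
        )

    access_token_expires = timedelta(minutes=settings.access_token_expire_minutes)
    token = create_access_token(
        subject=user.email,
        expires_delta=access_token_expires,
    )
    return Token(
        access_token=token,
        expires_in=int(access_token_expires.total_seconds()),
    )


@router.post("/fcm-token")
def update_fcm_token(token: str, db: Session = Depends(get_db)):
    """Placeholder for FCM token registration; currently stores nothing."""
    # A public endpoint that stores FCM tokens is unsafe; it should require
    # authentication in a real app. For the MVP it is kept simple: a
    # query/body parameter, with the email association done at the login step.
    # NOTE(review): as declared, `token` is a bare `str`, which FastAPI reads
    # from the query string, so the value can end up in access logs and proxy
    # logs. Before this persists anything, move it to the request body and
    # bind it to the authenticated user, not to caller-supplied data.
    return {"ok": True}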