"""Authentication routes: password login that issues a bearer token, and user registration."""

from datetime import timedelta
from typing import Annotated

from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.orm import Session

from .models import (
    Token,
    UserCreate,
    UserPublic,
    authenticate_user,
    create_access_token,
    register_user,
)
from ..config import get_session_db

# Every route below is mounted under /auth. The router declares no shared
# dependencies, so neither endpoint requires an already-authenticated caller.
# NOTE(review): no rate limiting or lockout is attached here; confirm that
# login attempts are throttled elsewhere (middleware, reverse proxy, or
# inside authenticate_user).
router = APIRouter(
    prefix="/auth",
    tags=["auth"],
    responses={404: {"description": "Not found"}},
    dependencies=[],
)


@router.post('/login')
async def login_for_access_token(
    form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
    session: Annotated[Session, Depends(get_session_db)],
) -> Token:
    """Exchange a username and password for a bearer access token.

    Args:
        form_data: OAuth2 password-flow form carrying ``username`` and
            ``password``.
        session: Database session supplied by ``get_session_db``.

    Returns:
        A ``Token`` holding the access token and the ``"bearer"`` token type.

    Raises:
        HTTPException: 401 when ``authenticate_user`` returns a falsy value.
    """
    # authenticate_user is called without await inside an async handler, so
    # whatever it does (DB lookup, presumably password hashing) runs on the
    # event loop and holds up other requests for its duration.
    account = authenticate_user(session, form_data.username, form_data.password)

    # One response for every failure: the status and detail do not reveal
    # whether the username exists. Timing parity depends on authenticate_user,
    # which is not visible in this file.
    if not account:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )

    # Token lifetime is fixed at 30 minutes.
    token_lifetime = timedelta(minutes=30)

    # role and status are copied into the token at issue time, and this handler
    # itself does not inspect account.status before issuing.
    # NOTE(review): if consumers authorize from these claims instead of
    # re-reading the user record, a role change or deactivation only takes
    # effect once the token expires; confirm how tokens are validated and
    # whether authenticate_user already rejects inactive accounts.
    claims = {"sub": account.username, "role": account.role, 'status': account.status}
    bearer_token = create_access_token(data=claims, expires_delta=token_lifetime)

    return Token(access_token=bearer_token, token_type="bearer")


# UserPublic is the safe model: the response is serialized through it rather
# than through whatever register_user returns.
@router.post('/register', response_model=UserPublic)
async def create_user(
    session: Annotated[Session, Depends(get_session_db)],
    user: Annotated[UserCreate, Depends()],
):
    """Register a new user and return its public representation.

    Args:
        session: Database session supplied by ``get_session_db``.
        user: Registration data, built by FastAPI from the request through
            ``Depends()``.

    Returns:
        Whatever ``register_user`` returns, serialized as ``UserPublic``.
    """
    # NOTE(review): with a bare Depends(), FastAPI resolves UserCreate's fields
    # like ordinary handler parameters, and scalar fields default to query
    # parameters. UserCreate lives in .models and is not visible here; if it
    # carries the password as a plain field, that value would arrive in the URL
    # and can end up in access and proxy logs. Confirm it is read from the
    # request body or form instead.
    # NOTE(review): this endpoint is unauthenticated; verify that UserCreate
    # does not let the caller set role or status, since login copies both into
    # the issued token.
    return register_user(session, user)