from __future__ import annotations

import logging

from fastapi import APIRouter, Request, Form
from fastapi.responses import HTMLResponse, RedirectResponse
from starlette import status
from supabase import create_client

from app.web.deps import templates
from app.services import supabase_service as sps

# Every route in this module is served under the "/me" prefix.
# No router-level auth dependency is declared here: each handler below calls
# _require_user() itself, so a new handler must do the same before it reads
# or changes account data.
router = APIRouter(prefix="/me")


def _admin_client():
    """Return the admin client provided by the Supabase service module.

    The handlers in this module use it to call ``auth.admin.update_user_by_id``.
    NOTE(review): presumably built from a privileged (service-role) key;
    confirm, and keep the returned client out of any code path that takes
    the target user id from request input.
    """
    admin = sps.get_admin_client()
    return admin


def _require_user(request: Request):
    """Return the session's user record, or ``None`` if it is unusable.

    A record counts as usable only when ``request.session["user"]`` is
    truthy and carries a truthy ``"id"``. This helper never redirects or
    raises; each caller decides how to respond to ``None``.
    """
    session_user = request.session.get("user")
    # Both the record and its id must be present before it is trusted.
    if session_user and session_user.get("id"):
        return session_user
    return None


@router.get("/profile", response_class=HTMLResponse)
async def profile_page(request: Request, m: str | None = None, e: str | None = None):
    """Render the profile form pre-filled from the session's user record.

    Visitors without a usable session user are redirected to ``/auth/login``.
    ``m`` and ``e`` come from the query string and are passed to the
    template unchanged as ``message`` and ``error``.
    """
    user = _require_user(request)
    if not user:
        return RedirectResponse(url="/auth/login", status_code=status.HTTP_303_SEE_OTHER)

    # NOTE(review): message/error are caller-controlled query values. Confirm
    # that me/profile.html autoescapes them or maps them to fixed texts, so
    # a crafted link cannot put arbitrary content on this page.
    context = {"request": request, "message": m, "error": e}
    # Missing or empty profile values are rendered as empty strings.
    for field in ("name", "org", "department", "office_phone", "responsibility"):
        context[field] = user.get(field) or ""
    return templates.TemplateResponse("me/profile.html", context)


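@router.post("/profile")
async def profile_save(
    request: Request,
    name: str = Form(...),
    department: str | None = Form(None),
    office_phone: str | None = Form(None),
    responsibility: str | None = Form(None),
):
    """Save the signed-in user's profile fields and refresh the session copy.

    Writes ``user_metadata`` through the admin client, then mirrors the new
    values into ``request.session["user"]``. Redirects to
    ``/me/profile?m=saved`` on success, to ``/me/profile?e=save_failed`` on
    any error, and to ``/auth/login`` when no usable session user exists.

    NOTE(review): no CSRF token is checked in this handler, and the form
    values are stored without length or content limits. Confirm both are
    covered elsewhere (middleware, template rendering).
    """
    user = _require_user(request)
    if not user:
        return RedirectResponse(url="/auth/login", status_code=status.HTTP_303_SEE_OTHER)

    # The target id comes only from the server-side session, never from form
    # input: update_user_by_id acts on whatever id it is given.
    uid = user.get("id")
    # Optional fields left out of the form are stored as empty strings.
    profile = {
        "name": name,
        "department": department or "",
        "office_phone": office_phone or "",
        "responsibility": responsibility or "",
    }
    try:
        client = _admin_client()
        attrs = {
            "user_metadata": {
                "name": profile["name"],
                "org": user.get("org"),  # org stays as-is; derived from email
                "department": profile["department"],
                "office_phone": profile["office_phone"],
                "responsibility": profile["responsibility"],
            }
        }
        client.auth.admin.update_user_by_id(uid, attrs)
        # Keep the session copy in step with what was just stored.
        user.update(profile)
        request.session["user"] = user
        return RedirectResponse(url="/me/profile?m=saved", status_code=status.HTTP_303_SEE_OTHER)
    except Exception:
        # Record the failure server-side; the browser only sees a generic
        # code, so without this a failing account update leaves no trace.
        logging.getLogger(__name__).exception("profile update failed for user %s", uid)
        return RedirectResponse(url="/me/profile?e=save_failed", status_code=status.HTTP_303_SEE_OTHER)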


@router.get("/password", response_class=HTMLResponse)
async def password_page(request: Request, m: str | None = None, e: str | None = None):
    """Render the change-password form for the signed-in user.

    Visitors without a usable session user are redirected to ``/auth/login``.
    ``m`` and ``e`` come from the query string and are passed to the
    template unchanged as ``message`` and ``error``.
    """
    if not _require_user(request):
        return RedirectResponse(url="/auth/login", status_code=status.HTTP_303_SEE_OTHER)

    # NOTE(review): message/error are caller-controlled query values. Confirm
    # that me/password.html autoescapes them or maps them to fixed texts.
    context = {"request": request, "message": m, "error": e}
    return templates.TemplateResponse("me/password.html", context)


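@router.post("/password")
async def password_save(request: Request, new_password: str = Form(...)):
    """Set a new password for the signed-in user through the admin client.

    Redirects to ``/me/password?m=changed`` on success, to
    ``/me/password?e=change_failed`` on any error, and to ``/auth/login``
    when no usable session user exists.

    NOTE(review): the current password is not requested and no CSRF token
    is checked here, so a valid session alone is enough to change the
    credential. Confirm re-authentication and CSRF protection are enforced
    elsewhere, or add them together with the form template. Nothing in this
    handler checks password strength or ends the user's other sessions.
    """
    user = _require_user(request)
    if not user:
        return RedirectResponse(url="/auth/login", status_code=status.HTTP_303_SEE_OTHER)

    # The target id comes only from the server-side session, never from form
    # input: update_user_by_id acts on whatever id it is given.
    uid = user.get("id")
    try:
        client = _admin_client()
        client.auth.admin.update_user_by_id(uid, {"password": new_password})
        return RedirectResponse(url="/me/password?m=changed", status_code=status.HTTP_303_SEE_OTHER)
    except Exception as exc:
        # Log the failure so credential-change errors are visible to
        # operators. Only the exception type is recorded, in case an
        # upstream error message repeats request data.
        logging.getLogger(__name__).error(
            "password change failed for user %s (%s)", uid, type(exc).__name__
        )
        return RedirectResponse(url="/me/password?e=change_failed", status_code=status.HTTP_303_SEE_OTHER)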
