"""Authentication API router.

Exposes the HTTP endpoints for account registration, login, token refresh
and "who am I" lookups under the ``/api/auth`` prefix. Every handler is a
thin adapter: request validation is delegated to the ``schemas.auth``
models and all credential/token logic to ``AuthService``.
"""

from fastapi import APIRouter, HTTPException, status, Request

from schemas.auth import (
    UserRegister,
    UserLogin,
    TokenResponse,
    TokenRefresh,
    UserResponse
)
from services.auth_service import AuthService

# NOTE(review): the handlers below are ``async def`` but call AuthService
# without ``await``. If those calls do blocking work (database access,
# password hashing) they run on the event loop -- confirm against the
# service implementation.
router = APIRouter(
    prefix="/api/auth",
    tags=["authentication"]
)


def _build_token_response(result):
    """Wrap the token dict returned by AuthService in a TokenResponse.

    Args:
        result: Mapping with "access_token", "refresh_token" and "user"
            keys; "user" is expanded as keyword arguments to UserResponse.

    Returns:
        TokenResponse carrying both tokens and the user payload.
    """
    return TokenResponse(
        access_token=result["access_token"],
        refresh_token=result["refresh_token"],
        user=UserResponse(**result["user"])
    )


@router.post("/register", status_code=status.HTTP_201_CREATED)
async def register(user_data: UserRegister):
    """
    Create a new user account.

    Args:
        user_data: Validated registration payload (username, email, password)

    Returns:
        Dict with a success message and the new user's id

    Raises:
        HTTPException: 409 if username or email already exists
        HTTPException: 400 if validation fails
        (This handler raises nothing itself; presumably both originate in
        AuthService.register_user or schema validation -- confirm.)
    """
    # NOTE(review): a distinct 409 for an existing username/email tells an
    # unauthenticated caller which identifiers are registered. Confirm that
    # is acceptable here and that this endpoint is throttled upstream.
    created = AuthService.register_user(
        username=user_data.username,
        email=user_data.email,
        password=user_data.password
    )

    # The message is user-facing text meaning "user registered successfully".
    return {"message": "用户注册成功", "user_id": created.id}


@router.post("/login", response_model=TokenResponse)
async def login(credentials: UserLogin):
    """
    Verify a username/password pair and issue JWT tokens.

    Args:
        credentials: Validated login payload (username, password)

    Returns:
        Access token, refresh token, and user info

    Raises:
        HTTPException: 401 if credentials are invalid
        (not raised in this handler; presumably by AuthService.login_user)
    """
    # NOTE(review): no attempt throttling or lockout is visible in this
    # handler; confirm it is enforced in AuthService.login_user or by
    # middleware in front of this router.
    tokens = AuthService.login_user(
        username=credentials.username,
        password=credentials.password
    )
    return _build_token_response(tokens)


@router.post("/refresh", response_model=TokenResponse)
async def refresh_token(token_data: TokenRefresh):
    """
    Exchange a refresh token for a new token pair.

    Args:
        token_data: Request body carrying the refresh token

    Returns:
        New access token and refresh token, plus user info

    Raises:
        HTTPException: 401 if refresh token is invalid or expired
        (not raised in this handler; presumably by AuthService.refresh_tokens)
    """
    # NOTE(review): whether the presented refresh token is invalidated once
    # it has been exchanged is decided inside AuthService.refresh_tokens,
    # not here -- confirm rotation/revocation there.
    tokens = AuthService.refresh_tokens(token_data.refresh_token)
    return _build_token_response(tokens)


@router.get("/me", response_model=UserResponse)
async def get_current_user(request: Request):
    """
    Return the profile of the authenticated caller.

    This handler does not inspect any token itself: it trusts whatever an
    earlier layer stored on ``request.state.user``.

    Args:
        request: FastAPI Request with user info in state

    Returns:
        Current user information

    Raises:
        HTTPException: 401 if not authenticated
    """
    # Fails closed: when nothing has populated request.state.user the
    # getattr default is None and the request is rejected with 401.
    user_data = getattr(request.state, "user", None)
    if not user_data:
        # detail is user-facing text meaning "not authenticated".
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="未认证"
        )

    # NOTE(review): user_data is indexed with "id", so the layer that sets
    # request.state.user must provide a mapping with that key; a missing key
    # would surface as KeyError rather than a 401.
    account = AuthService.get_current_user(user_data["id"])

    # Fields are copied one by one, so only these five attributes of the
    # service object are placed in the response.
    return UserResponse(
        id=account.id,
        username=account.username,
        email=account.email,
        role=account.role,
        created_at=account.created_at
    )