from fastapi import Depends, HTTPException, Request, status
from sqlalchemy.ext.asyncio import AsyncSession

from app.auth.jwt import JWTClaims, decode_token
from app.models.user import User
from app.utils.db import get_async_session


async def get_optional_user(
    request: Request,
    session: AsyncSession = Depends(get_async_session),
) -> User | None:
    token = request.cookies.get("access_token")
    if not token:
        return None

    try:
        payload: JWTClaims = decode_token(token)
    except Exception:
        return None

    sub = payload["sub"]
    token_version = payload["token_version"]

    if not sub.isdigit():
        return None

    user_id = int(sub)

    user = await User.get_user_by_id(user_id, session=session)
    if not user:
        return None

    if user.token_version != token_version:
        return None

    return user


async def get_current_user(
    user: User | None = Depends(get_optional_user),
) -> User:
    if user is None:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
        )
    return user