from fastapi import APIRouter, Depends, HTTPException
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.ext.asyncio import AsyncSession

from app.utils.logger_cfg import logger

from app.auth.jwt import create_access_token, create_refresh_token
from app.models.user import User
from app.utils.db import get_async_session
from app.utils.hash_cfg import verify_password

router = APIRouter(tags=["auth"])


@router.post("/login")
async def login(
    form_data: OAuth2PasswordRequestForm = Depends(),
    session: AsyncSession = Depends(get_async_session),
):
    user = await User.get_user_by_email(form_data.username, session=session)
    if not user:
        user = await User.get_user_by_username(form_data.username, session=session)

    if not user or not verify_password(form_data.password, user.password):
        logger.warning("Login failed | username/email={}", form_data.username)
        raise HTTPException(status_code=401, detail="Invalid credentials")

    access_token = create_access_token({"sub": str(user.id)})
    refresh_token = create_refresh_token({"sub": str(user.id)})

    logger.info("User logged in | id={} username={}", user.id, user.username)

    return {
        "access_token": access_token,
        "refresh_token": refresh_token,
        "token_type": "bearer",
    }