from fastapi import APIRouter, Depends, HTTPException, Request
from sqlalchemy.ext.asyncio import AsyncSession

from app.auth.jwt import decode_token
from app.models.user import User
from app.utils.db import get_async_session

router = APIRouter(tags=["auth"])


async def get_current_user_from_cookie(
    request: Request,
    session: AsyncSession = Depends(get_async_session),
):
    token = request.cookies.get("access_token")
    if not token:
        raise HTTPException(status_code=401, detail="Unauthorized")

    payload = decode_token(token)
    user_id = int(payload.get("sub"))
    user = await User.get_user_by_id(user_id, session=session)

    if not user:
        raise HTTPException(status_code=404, detail="User not found")
    if user.token_version != payload.get("token_version"):
        raise HTTPException(status_code=401, detail="Token revoked")

    return user


@router.get("/me")
async def read_current_user(user: User = Depends(get_current_user_from_cookie)):
    return {
        "id": user.id,
        "username": user.username,
        "email": user.email,
        "premium": user.premium,
        "is_banned": user.is_banned,
        "is_moderator": user.is_moderator,
    }