from fastapi import APIRouter, Depends, HTTPException
from sqlalchemy.orm import Session

from auth import create_access_token, get_current_user, hash_password, verify_password
from database import get_db
from models import User, Variety
from schemas import Token, UserCreate, UserLogin, UserOut

router = APIRouter(prefix="/auth", tags=["auth"])

STARTER_VARIETIES = [
    dict(name="Tomato", variety_name="Cherry", category="vegetable",
         weeks_to_start=8, weeks_to_greenhouse=2, weeks_to_garden=2,
         days_to_germinate=7, frost_tolerant=False, sun_requirement="full_sun",
         water_needs="medium", color="#e76f51",
         notes="Great in containers. Very prolific producer."),
    dict(name="Basil", variety_name="Sweet", category="herb",
         weeks_to_start=6, weeks_to_greenhouse=1, weeks_to_garden=2,
         days_to_germinate=7, frost_tolerant=False, sun_requirement="full_sun",
         water_needs="medium", color="#40916c",
         notes="Very frost sensitive. Transplant after all danger of frost."),
    dict(name="Marigold", variety_name="French", category="flower",
         weeks_to_start=6, weeks_to_greenhouse=1, weeks_to_garden=0,
         days_to_germinate=5, frost_tolerant=False, sun_requirement="full_sun",
         water_needs="low", color="#f4a261",
         notes="Great companion plant for tomatoes. Deters pests."),
]


@router.post("/register", response_model=UserOut, status_code=201)
def register(data: UserCreate, db: Session = Depends(get_db)):
    if db.query(User).filter(User.email == data.email).first():
        raise HTTPException(status_code=400, detail="Email already registered")
    user = User(email=data.email, hashed_password=hash_password(data.password))
    db.add(user)
    db.flush()  # get user.id before commit
    for v in STARTER_VARIETIES:
        db.add(Variety(**v, user_id=user.id))
    db.commit()
    db.refresh(user)
    return user


@router.post("/login", response_model=Token)
def login(data: UserLogin, db: Session = Depends(get_db)):
    user = db.query(User).filter(User.email == data.email).first()
    if not user or not verify_password(data.password, user.hashed_password):
        raise HTTPException(status_code=401, detail="Invalid email or password")
    return {"access_token": create_access_token(user.id), "token_type": "bearer"}


@router.get("/me", response_model=UserOut)
def me(current_user: User = Depends(get_current_user)):
    return current_user