import os
import secrets
from datetime import datetime, timedelta

# Load .env file if present (docker-compose handles this in production)
_env_path = os.path.join(os.path.dirname(__file__), "..", ".env")
if os.path.isfile(_env_path):
    with open(_env_path) as _f:
        for _line in _f:
            _line = _line.strip()
            if _line and not _line.startswith("#") and "=" in _line:
                _key, _, _value = _line.partition("=")
                os.environ.setdefault(_key.strip(), _value.strip())

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from fastapi.staticfiles import StaticFiles

from auth import hash_password
from database import Base, SessionLocal, engine, migrate
from models import Invitation, User
from routers.admin import router as admin_router
from routers.auth import router as auth_router
from routers.drinks import router as drinks_router

migrate()
Base.metadata.create_all(bind=engine)

app = FastAPI(title="Cellar API", version="1.0.0")

ALLOWED_ORIGINS = [
    origin.strip()
    for origin in os.environ.get("CORS_ORIGINS", "http://localhost:5173,http://localhost:3000").split(",")
    if origin.strip()
]

app.add_middleware(
    CORSMiddleware,
    allow_origins=ALLOWED_ORIGINS,
    allow_credentials=True,
    allow_methods=["GET", "POST", "PUT", "DELETE"],
    allow_headers=["Authorization", "Content-Type"],
)

app.include_router(admin_router)
app.include_router(auth_router)
app.include_router(drinks_router)

uploads_dir = os.path.join(os.path.dirname(__file__), "uploads")
os.makedirs(uploads_dir, exist_ok=True)


@app.get("/api/health")
def health_check():
    return {"status": "ok"}


@app.on_event("startup")
def create_default_user():
    admin_password = os.environ.get("ADMIN_PASSWORD")
    if not admin_password:
        admin_password = secrets.token_urlsafe(16)
        print("╔══════════════════════════════════════════════════╗")
        print("║  ADMIN_PASSWORD non défini dans l'environnement ║")
        print("║  Un mot de passe aléatoire a été généré         ║")
        print("║  Configurez ADMIN_PASSWORD pour la production   ║")
        print("╚══════════════════════════════════════════════════╝")

    db = SessionLocal()
    try:
        admin_exists = db.query(User).filter(
            (User.username == "admin") | (User.email == "admin@cellar.local")
        ).first()
        if not admin_exists:
            try:
                user = User(
                    username="admin",
                    email="admin@cellar.local",
                    hashed_password=hash_password(admin_password),
                    is_admin=True,
                )
                db.add(user)
                db.flush()

                invite = Invitation(
                    token=secrets.token_urlsafe(32),
                    created_by=user.id,
                    expires_at=datetime.utcnow() + timedelta(days=7),
                )
                db.add(invite)
                db.commit()

                print("╔══════════════════════════════════════════╗")
                print("║  Premier démarrage - Compte créé         ║")
                print("║  Username : admin                        ║")
                print("║  Password : (depuis ADMIN_PASSWORD ou    ║")
                print("║             mot de passe aléatoire)     ║")
                print("╚══════════════════════════════════════════╝")
            except Exception:
                db.rollback()
                pass
    finally:
        db.close()