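"""Session management routes.

Exposes ``POST /session/create``, which issues a session id and sets the
``numidium_session`` cookie, and ``GET /session/current``, which reports the
session id the caller presented.
"""
import uuid
from typing import Optional

from fastapi import APIRouter, Header, Cookie, Response, Request

from app.core.database import create_new_session_id
from app.config import settings

router = APIRouter(prefix="/session", tags=["Session"])

# Review notes are kept in ``#`` comments rather than in the endpoint
# docstrings, because FastAPI publishes route docstrings as the OpenAPI
# description of each endpoint.


@router.post("/create")
def create_session(response: Response, request: Request):
    """Create a new session and return session_id"""
    session_id = create_new_session_id()

    # Cookie attributes start from configuration and are only ever relaxed
    # below, never tightened.
    secure = settings.cookie_secure
    samesite = settings.cookie_samesite

    # Work out the scheme the client used. X-Forwarded-Proto may carry a
    # comma-separated chain ("https, http") and arbitrary casing ("HTTPS");
    # compare only the first, normalised entry so that such values do not
    # strip the Secure attribute from a cookie delivered over TLS.
    # NOTE(review): this header is caller-supplied unless a reverse proxy in
    # front of the app overwrites it - confirm the deployment does so.
    forwarded = request.headers.get("x-forwarded-proto", request.url.scheme)
    proto = forwarded.split(",")[0].strip().lower()

    if proto != "https" and secure:
        # Plain-HTTP request while Secure cookies are configured: drop Secure
        # and fall back to SameSite=Lax so the cookie is still set.
        # NOTE(review): the session cookie then travels unencrypted, and a
        # TLS-terminating proxy that omits X-Forwarded-Proto triggers this
        # path too - consider logging the downgrade or limiting it to
        # development settings.
        secure = False
        samesite = "lax"

    response.set_cookie(
        key="numidium_session",
        value=session_id,
        max_age=60 * 60 * 24 * 365,  # 1 year
        httponly=True,
        samesite=samesite,
        secure=secure,
    )

    # NOTE(review): the id is also returned in the JSON body, so page scripts
    # can read it even though the cookie is HttpOnly. get_current_session
    # accepts the id via an X-Session-Id header, which suggests header-based
    # clients need it - confirm this exposure is intended.
    return {"session_id": session_id}


@router.get("/current")
def get_current_session(
    numidium_session: Optional[str] = Cookie(None),
    x_session_id: Optional[str] = Header(None),
):
    """Get current session ID"""
    # The X-Session-Id header takes precedence over the cookie.
    session_id = x_session_id or numidium_session

    if not session_id:
        return {"session_id": None, "message": "No session. Call POST /session/create"}

    # NOTE(review): the value is echoed as received; nothing in this handler
    # checks it against the session store, so a response here does not show
    # that the session exists. It also returns the HttpOnly cookie's value to
    # the caller - confirm both are intended.
    return {"session_id": session_id}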