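import hmac
import random
import secrets
from datetime import datetime, timedelta

from flask import Blueprint, jsonify, redirect, render_template, request, url_for
from flask_jwt_extended import create_access_token
from flask_login import login_required, login_user, logout_user
from werkzeug.security import check_password_hash, generate_password_hash

from .email import send_otp
from .models import User, db

auth = Blueprint("auth", __name__, url_prefix="/auth")

# Lifetime of a freshly issued one-time code (was an inline literal in register()).
OTP_TTL = timedelta(minutes=5)


def gen_otp() -> str:
    """Return a six-digit one-time code as a string in the range 100000-999999.

    The code is a credential, so it is drawn from ``secrets`` (a CSPRNG) rather
    than ``random``; the range is the same as the original ``randint`` call.
    """
    return str(100000 + secrets.randbelow(900000))


def _otp_matches(stored: "str | None", submitted: str) -> bool:
    """Compare a stored OTP with a submitted one in constant time.

    ``stored`` is ``None`` once the code has been consumed by ``verify``; that
    never matches, so a consumed code cannot be replayed.
    """
    if stored is None:
        return False
    return hmac.compare_digest(str(stored), submitted)


@auth.route("/register", methods=["GET", "POST"])
def register():
    """Create an unverified user, issue an OTP, and e-mail it.

    GET renders the registration form. POST stores the user with a hashed
    password and an OTP valid for ``OTP_TTL``, then redirects to ``auth.verify``.
    A missing form field surfaces as a 400 from ``request.form[...]``.
    """
    if request.method != "POST":
        return render_template("auth/register.html")

    otp = gen_otp()
    user = User(
        email=request.form["email"],
        password=generate_password_hash(request.form["password"]),
        otp=otp,
        otp_expiry=datetime.now() + OTP_TTL,
    )
    db.session.add(user)
    try:
        db.session.commit()
    except Exception:
        # Keep the scoped session usable for the next request (e.g. when the
        # model's constraints reject the row), then let the app error handler see it.
        db.session.rollback()
        raise
    send_otp(user.email, otp)
    return redirect(url_for("auth.verify", email=user.email))


@auth.route("/verify/<email>", methods=["GET", "POST"])
def verify(email: str):
    """Check the submitted OTP for ``email`` and mark the account verified.

    The ``<email>`` route variable feeds the ``email`` parameter, matching the
    ``url_for("auth.verify", email=...)`` call in ``register``. An unknown
    address, a consumed code, a mismatch or an expired code re-renders the form
    with an error (the original dereferenced ``None`` for an unknown address).
    On success the OTP is cleared so it is single-use and the login page is shown.

    NOTE(review): there is no attempt counter here; a six-digit code needs a
    rate limit at the app or proxy layer to be meaningful within its lifetime.
    """
    if request.method != "POST":
        return render_template("auth/verify_otp.html")

    user = User.query.filter_by(email=email).first()
    submitted = request.form["otp"]
    # Unknown address is reported like a bad code so the response does not
    # reveal whether the address is registered.
    if user is None or not _otp_matches(user.otp, submitted):
        return render_template("auth/verify_otp.html", error="Invalid OTP")
    if user.otp_expiry < datetime.now():
        return render_template("auth/verify_otp.html", error="OTP expired")

    user.is_verified = True
    user.otp = None  # consumed; see _otp_matches
    db.session.commit()
    return render_template("auth/login.html", success="Email verified successfully")


@auth.route("/login", methods=["GET", "POST"])
def login():
    """Authenticate by e-mail and password; start a session and return a JWT.

    Success responds with JSON ``{"message", "access_token"}`` and also logs the
    user in via flask-login, as before. Any failure (unknown address, wrong
    password, unverified account) re-renders the form with one generic error so
    the response body does not say which check failed.

    NOTE(review): the hash check is skipped for an unknown address, so response
    timing can still differ between known and unknown e-mails.
    """
    if request.method != "POST":
        return render_template("auth/login.html")

    user = User.query.filter_by(email=request.form["email"]).first()
    authenticated = (
        user is not None
        and check_password_hash(user.password, request.form["password"])
        and user.is_verified
    )
    if not authenticated:
        return render_template("auth/login.html", error="Invalid credentials")

    login_user(user)
    token = create_access_token(identity=user.id)
    return jsonify({"message": "login success", "access_token": token})


@auth.route("/logout")
@login_required
def logout():
    """End the flask-login session and send the user to the site root."""
    logout_user()
    return redirect("/")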