"""Authentication endpoints."""

from fastapi import APIRouter, HTTPException, Depends

from api.schemas import LoginRequest, LoginResponse
from services.database import db_service
from services.auth import auth_service

router = APIRouter(tags=["auth"])


@router.post("/auth/login", response_model=LoginResponse)
async def login(request: LoginRequest):
    """
    Authenticate a user and return a JWT token.
    Credentials must be created manually using the create_user.py script.
    """
    user = await db_service.get_user(request.username)
    if not user:
        raise HTTPException(status_code=401, detail="Invalid username or password")

    hashed_password = user.get("hashed_password")
    if not hashed_password:
        raise HTTPException(status_code=500, detail="User data corrupted")

    if not auth_service.verify_password(request.password, hashed_password):
        raise HTTPException(status_code=401, detail="Invalid username or password")

    token = auth_service.create_access_token(request.username)
    return {
        "token": token,
        "username": request.username,
        "message": "Login successful",
    }