package public

import (
	"net/http"
	"strings"

	"github.com/gin-gonic/gin"
	"github.com/mattnite/forgejo-tickets/internal/auth"
	"github.com/mattnite/forgejo-tickets/internal/config"
	"github.com/mattnite/forgejo-tickets/internal/email"
	"github.com/mattnite/forgejo-tickets/internal/forgejo"
	"github.com/mattnite/forgejo-tickets/internal/middleware"
	"github.com/mattnite/forgejo-tickets/internal/templates"
	"gorm.io/gorm"
)

type Dependencies struct {
	DB            *gorm.DB
	Renderer      *templates.Renderer
	Auth          *auth.Service
	SessionStore  *auth.PGStore
	EmailClient   *email.Client
	ForgejoClient *forgejo.Client
	Config        *config.Config
}

func NewRouter(deps Dependencies) *gin.Engine {
	r := gin.New()

	r.Use(middleware.RequestID)
	r.Use(middleware.Logging)
	r.Use(middleware.Recovery)
	r.Use(deps.Auth.SessionMiddleware)

	csrfSecret := []byte(deps.Config.SessionSecret)
	isSecure := strings.HasPrefix(deps.Config.BaseURL, "https")
	csrfMiddleware := middleware.CSRF(csrfSecret, isSecure)

	r.GET("/health", func(c *gin.Context) {
		c.String(http.StatusOK, "ok")
	})

	r.Static("/static", "web/static")

	webhookHandler := &WebhookHandler{deps: deps}
	r.POST("/webhooks/forgejo/:repoSlug", webhookHandler.HandleForgejoWebhook)

	csrf := r.Group("/")
	csrf.Use(csrfMiddleware)
	{
		homeHandler := &HomeHandler{deps: deps}
		csrf.GET("/", homeHandler.Index)

		authHandler := &AuthHandler{deps: deps}
		csrf.GET("/login", authHandler.LoginForm)
		csrf.POST("/login", authHandler.Login)
		csrf.GET("/register", authHandler.RegisterForm)
		csrf.POST("/register", authHandler.Register)
		csrf.POST("/logout", authHandler.Logout)
		csrf.GET("/verify-email", authHandler.VerifyEmail)
		csrf.GET("/forgot-password", authHandler.ForgotPasswordForm)
		csrf.POST("/forgot-password", authHandler.ForgotPassword)
		csrf.GET("/reset-password", authHandler.ResetPasswordForm)
		csrf.POST("/reset-password", authHandler.ResetPassword)

		oauthHandler := &OAuthHandler{deps: deps}
		csrf.GET("/auth/:provider/login", oauthHandler.Login)
		csrf.GET("/auth/:provider/callback", oauthHandler.Callback)
		csrf.POST("/auth/apple/callback", oauthHandler.AppleCallback)

		authenticated := csrf.Group("/")
		authenticated.Use(auth.RequireAuth)
		{
			ticketHandler := &TicketHandler{deps: deps}
			authenticated.GET("/tickets", ticketHandler.List)
			authenticated.GET("/tickets/new", ticketHandler.NewForm)
			authenticated.POST("/tickets", ticketHandler.Create)
			authenticated.GET("/tickets/:id", ticketHandler.Detail)
			authenticated.POST("/tickets/:id/comments", ticketHandler.AddComment)
			authenticated.GET("/tickets/:id/attachments/:attachmentId/*filename", ticketHandler.DownloadAttachment)
		}
	}

	return r
}