package model

import (
	"time"

	"gorm.io/gorm"
)

// User represents a user in the system
type Customer struct {
	ID                       uint           `gorm:"primaryKey" json:"id"`
	Email                    string         `gorm:"uniqueIndex;not null;size:255" json:"email"`
	Password                 string         `gorm:"size:255" json:"-"` // Hashed password, not exposed in JSON
	FirstName                string         `gorm:"size:100" json:"first_name"`
	LastName                 string         `gorm:"size:100" json:"last_name"`
	Role                     CustomerRole   `gorm:"type:varchar(20);default:'user'" json:"role"`
	Provider                 AuthProvider   `gorm:"type:varchar(20);default:'local'" json:"provider"`
	ProviderID               string         `gorm:"size:255" json:"provider_id,omitempty"` // ID from OAuth provider
	AvatarURL                string         `gorm:"size:500" json:"avatar_url,omitempty"`
	IsActive                 bool           `gorm:"default:true" json:"is_active"`
	EmailVerified            bool           `gorm:"default:false" json:"email_verified"`
	EmailVerificationToken   string         `gorm:"size:255" json:"-"`
	EmailVerificationExpires *time.Time     `json:"-"`
	PasswordResetToken       string         `gorm:"size:255" json:"-"`
	PasswordResetExpires     *time.Time     `json:"-"`
	LastPasswordResetRequest *time.Time     `json:"-"`
	LastLoginAt              *time.Time     `json:"last_login_at,omitempty"`
	Lang                     string         `gorm:"size:10;default:'en'" json:"lang"` // User's preferred language
	CreatedAt                time.Time      `json:"created_at"`
	UpdatedAt                time.Time      `json:"updated_at"`
	DeletedAt                gorm.DeletedAt `gorm:"index" json:"-"`
}

// CustomerRole represents the role of a user
type CustomerRole string

const (
	RoleUser  CustomerRole = "user"
	RoleAdmin CustomerRole = "admin"
)

// AuthProvider represents the authentication provider
type AuthProvider string

const (
	ProviderLocal  AuthProvider = "local"
	ProviderGoogle AuthProvider = "google"
)

// TableName specifies the table name for User model
func (Customer) TableName() string {
	return "b2b_customers"
}

// IsAdmin checks if the user has admin role
func (u *Customer) IsAdmin() bool {
	return u.Role == RoleAdmin
}

// CanManageUsers checks if the user can manage other users
func (u *Customer) CanManageUsers() bool {
	return u.Role == RoleAdmin
}

// FullName returns the user's full name
func (u *Customer) FullName() string {
	if u.FirstName == "" && u.LastName == "" {
		return u.Email
	}
	return u.FirstName + " " + u.LastName
}

// UserSession represents a user session for JWT claims
type UserSession struct {
	UserID    uint         `json:"user_id"`
	Email     string       `json:"email"`
	Username  string       `json:"username"`
	Role      CustomerRole `json:"role"`
	FirstName string       `json:"first_name"`
	LastName  string       `json:"last_name"`
	Lang      string       `json:"lang"`
}

// ToSession converts User to UserSession
func (u *Customer) ToSession() *UserSession {
	return &UserSession{
		UserID:    u.ID,
		Email:     u.Email,
		Role:      u.Role,
		FirstName: u.FirstName,
		LastName:  u.LastName,
		Lang:      u.Lang,
	}
}

// LoginRequest represents the login form data
type LoginRequest struct {
	Email    string `json:"email" form:"email"`
	Password string `json:"password" form:"password"`
}

// RegisterRequest represents the initial registration form data
type RegisterRequest struct {
	ErrorMsg        string `form:"error_msg" json:"error_msg"`
	Email           string `json:"email" form:"email"`
	Password        string `json:"password" form:"password"`
	ConfirmPassword string `json:"confirm_password" form:"confirm_password"`
	FirstName       string `json:"first_name" form:"first_name"`
	LastName        string `json:"last_name" form:"last_name"`
	Lang            string `form:"lang" json:"lang"`
}

// CompleteRegistrationRequest represents the completion of registration with email verification
type CompleteRegistrationRequest struct {
	Token string `json:"token" form:"token"`
}

// ResetPasswordRequest represents the reset password form data
type ResetPasswordRequest struct {
	Token    string `json:"token" form:"token"`
	Password string `json:"password" form:"password"`
}

// AuthResponse represents the authentication response
type AuthResponse struct {
	AccessToken string       `json:"access_token"`
	TokenType   string       `json:"token_type"`
	ExpiresIn   int          `json:"expires_in"`
	User        *UserSession `json:"user"`
}

// RefreshToken represents an opaque refresh token stored in the database
type RefreshToken struct {
	ID         uint      `gorm:"primaryKey" json:"-"`
	CustomerID uint      `gorm:"not null;index" json:"-"`
	TokenHash  string    `gorm:"size:64;uniqueIndex;not null" json:"-"` // SHA-256 hex of the raw token
	ExpiresAt  time.Time `gorm:"not null" json:"-"`
	CreatedAt  time.Time `json:"-"`
}

// TableName specifies the table name for RefreshToken model
func (RefreshToken) TableName() string {
	return "b2b_refresh_tokens"
}