# app/routers/client.py

from sqlalchemy import select
from app.schemas.client import *
from sqlalchemy.orm import Session
from app.models.client import Client
from app.core.database import get_db
from sqlalchemy.ext.asyncio import AsyncSession
from fastapi import APIRouter, Depends, HTTPException,Request
from app.services.client import create_client, get_client_by_widget

router = APIRouter(prefix="/clients", tags=["Clients"])

# --------------------
# Create a new client
# --------------------
@router.post("/", response_model=ClientOut)
async def create_client_api(data: ClientCreate, db: Session = Depends(get_db)):
    return await create_client(db, data)


# -----------------------------------------------------------------------
# Get client by widget_id (Used by WebSocket before allowing connection)
# -----------------------------------------------------------------------
@router.get("/{widget_id}", response_model=ClientOut)
def get_client(widget_id: str, db: Session = Depends(get_db)):
    client = get_client_by_widget(db, widget_id)
    if not client:
        raise HTTPException(status_code=404, detail="Client not found")
    return client


# -------------------------------------------------------------
# validate domain this will check widget domain is same or not
# -------------------------------------------------------------
@router.get("/widget/validate/{client_id}")
async def validate_widget(client_id: str, request: Request, db: AsyncSession = Depends(get_db)):
    
    origin = request.headers.get("origin") or request.headers.get("referer")

    # get website URL for this widget
    res = await db.execute(
        select(Client.website_url).where(Client.client_widget_id == client_id)
    )
    allowed_url = res.scalar()

    if not allowed_url:
        return {"valid": False, "reason": "Invalid clientId"}

    if not origin or not origin.startswith(allowed_url):
        return {"valid": False, "reason": "Unauthorized domain"}

    return {"valid": True, "allowed_url": allowed_url}


# ----------------
# get all clients
# ----------------
@router.get("/all/clients", response_model=list[ClientSchema])
async def get_all_clients(db: AsyncSession = Depends(get_db)):
    stmt = select(Client).order_by(Client.id)
    result = await db.execute(stmt)
    clients = result.scalars().all()
    return clients