import { zValidator } from "@hono/zod-validator";
import { getAuth } from "@hono/oidc-auth";
import { Hono } from "hono";
import { z } from "zod";
import { parseId } from "../lib/params.ts";
import { requireAuth } from "../middleware/auth.ts";
import {
	createApiKey,
	deleteApiKey,
	listApiKeys,
} from "../services/auth.service.ts";

type Env = { Variables: { db?: any } };

const createKeySchema = z.object({ name: z.string().min(1) });

const app = new Hono<Env>();

// ── Auth Status ──────────────────────────────────────────────────────

app.get("/me", async (c) => {
	const auth = await getAuth(c);
	if (auth) {
		return c.json({
			user: { id: auth.sub, email: auth.email },
			authenticated: true,
		});
	}
	return c.json({ user: null, authenticated: false });
});

// ── API Key Management (protected) ───────────────────────────────────

app.get("/keys", requireAuth, async (c) => {
	const db = c.get("db");
	const keys = listApiKeys(db);
	return c.json(keys);
});

app.post(
	"/keys",
	requireAuth,
	zValidator("json", createKeySchema),
	async (c) => {
		const db = c.get("db");
		const { name } = c.req.valid("json");
		const result = await createApiKey(db, name);

		return c.json(
			{
				id: result.id,
				name: result.name,
				key: result.rawKey,
				prefix: result.keyPrefix,
			},
			201,
		);
	},
);

app.delete("/keys/:id", requireAuth, async (c) => {
	const db = c.get("db");
	const id = parseId(c.req.param("id"));
	if (!id) return c.json({ error: "Invalid key ID" }, 400);
	await deleteApiKey(db, id);
	return c.json({ ok: true });
});

export const authRoutes = app;