from fastapi import FastAPI, UploadFile, File, Form, HTTPException, Depends
from sqlalchemy.orm import Session
from .database import SessionLocal, engine, Base
from . import models, schemas, auth, utils
from datetime import datetime, timedelta

# Create any tables missing for the models registered on Base.metadata.
# This runs at import time, against whatever database `engine` points to.
# NOTE(review): create_all only creates missing tables and does not alter existing ones;
# schema changes still need a migration step. Confirm how this is handled in deployment.
Base.metadata.create_all(bind=engine)

# Single application object; the route decorators below register handlers on it.
app = FastAPI()

def get_db():
    """Yield a database session for one request and always close it afterwards.

    Written as a generator so it can be used with ``Depends``: the code after
    ``yield`` runs once the caller is done with the session, including when
    the request handler raised.
    """
    session = SessionLocal()
    try:
        yield session
    finally:
        # Close even on errors so sessions are not leaked.
        session.close()

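@app.post("/login/")
def login(mobile: str = Form(...), db: Session = Depends(get_db)):
    """Issue a fresh OTP for ``mobile``, store it, and send it out of band.

    Any OTP already stored for this number is overwritten, so only the most
    recently issued code can be verified.

    The response no longer includes the OTP by default: returning the code to
    the caller lets anyone who can reach this endpoint authenticate as any
    number without possessing the phone. For local development only, set the
    environment variable ``EXPOSE_OTP_IN_RESPONSE=1`` to get the old
    ``{"phone": ..., "otp": ...}`` shape back.

    Returns:
        ``{"phone": mobile}``, plus ``"otp"`` only when the development toggle
        above is enabled.
    """
    import os  # function-scope import: only the development toggle needs it

    # NOTE(review): no per-number or per-client throttling is visible in this
    # handler, and `mobile` is accepted as an arbitrary string. Confirm that
    # rate limiting and number validation happen in utils.send_otp or upstream.
    otp = utils.generate_otp()
    issued_at = datetime.utcnow()
    otp_record = db.query(models.OTP).filter(models.OTP.mobile == mobile).first()

    if otp_record:
        otp_record.otp = otp
        otp_record.created_at = issued_at
    else:
        # Set created_at explicitly so the expiry check in /verify/ does not
        # depend on the model declaring a column default.
        db.add(models.OTP(mobile=mobile, otp=otp, created_at=issued_at))

    db.commit()
    utils.send_otp(mobile, otp)

    response = {"phone": mobile}
    if os.environ.get("EXPOSE_OTP_IN_RESPONSE") == "1":
        # Development convenience only; must never be enabled in production.
        response["otp"] = otp
    return response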

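@app.post("/verify/")
def verify(mobile: str = Form(...), otp: str = Form(...), db: Session = Depends(get_db)):
    """Check the submitted OTP for ``mobile`` and return a bearer token.

    The code must match the one stored for the number and be at most five
    minutes old. A successfully verified code is deleted, so it cannot be
    replayed within its validity window. A ``User`` row is created on first
    successful verification.

    Returns:
        ``{"access_token": <token>, "token_type": "bearer"}``.

    Raises:
        HTTPException: 400 "Invalid OTP" when no code is stored or it does not
            match; 400 "OTP expired" when the code is older than five minutes
            or has no issue time.
    """
    import hmac  # function-scope import: constant-time comparison

    # NOTE(review): no failed-attempt counter or lockout is visible here, and a
    # short numeric code relies on one. Add throttling per number and client
    # (here or at the gateway) and invalidate the code after a few failures.
    otp_record = db.query(models.OTP).filter(models.OTP.mobile == mobile).first()
    stored = otp_record.otp if otp_record else None

    # Compare in constant time, on bytes, since compare_digest rejects
    # non-ASCII str. A missing, empty or non-string stored value never matches.
    matches = (
        isinstance(stored, str)
        and bool(stored)
        and hmac.compare_digest(stored.encode("utf-8"), otp.encode("utf-8"))
    )
    if not matches:
        raise HTTPException(status_code=400, detail="Invalid OTP")

    # Treat a record without an issue time as expired rather than failing
    # with a TypeError (HTTP 500) on the date arithmetic.
    issued_at = otp_record.created_at
    if issued_at is None or datetime.utcnow() > issued_at + timedelta(minutes=5):
        raise HTTPException(status_code=400, detail="OTP expired")

    # Single use: consume the code in the same transaction as the login.
    db.delete(otp_record)

    user = db.query(models.User).filter(models.User.mobile == mobile).first()
    is_new_user = not user
    if is_new_user:
        user = models.User(mobile=mobile)
        db.add(user)

    db.commit()
    if is_new_user:
        db.refresh(user)

    token = auth.create_access_token({"sub": user.mobile})
    return {"access_token": token, "token_type": "bearer"}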
