package handlers

import (
	"encoding/json"
	"fmt"
	"net/http"
	"path/filepath"
	"strings"
	"time"

	"github.com/rede5/gohorsejobs/backend/internal/api/middleware"
	"github.com/rede5/gohorsejobs/backend/internal/services"
)

type StorageHandler struct {
	storageService *services.StorageService
}

type uploadURLRequest struct {
	Filename    string `json:"filename"`
	ContentType string `json:"contentType"`
	Folder      string `json:"folder"`
}

type downloadURLRequest struct {
	Key string `json:"key"`
}

func NewStorageHandler(s *services.StorageService) *StorageHandler {
	return &StorageHandler{storageService: s}
}

// GetUploadURL returns a pre-signed URL for uploading a file.
// Clients upload directly to this URL.
// Query Params:
// - filename: Original filename
// - contentType: MIME type
// - folder: Optional folder (e.g. 'avatars', 'resumes')
func (h *StorageHandler) GetUploadURL(w http.ResponseWriter, r *http.Request) {
	// Authentication optional (for resumes), but enforced for others
	userIDVal := r.Context().Value(middleware.ContextUserID)
	userID, _ := userIDVal.(string)

	var body uploadURLRequest
	if r.Method == http.MethodPost {
		_ = json.NewDecoder(r.Body).Decode(&body)
	}

	folder := r.URL.Query().Get("folder")
	if folder == "" {
		folder = body.Folder
	}
	if folder == "" {
		folder = "uploads"
	}

	// Enforce auth for non-guest folders
	if userID == "" {
		if folder != "resumes" {
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		}
		// Generate a guest ID for isolation
		userID = fmt.Sprintf("guest_%d", time.Now().UnixNano())
	}

	filename := r.URL.Query().Get("filename")
	if filename == "" {
		filename = body.Filename
	}
	contentType := r.URL.Query().Get("contentType")
	if contentType == "" {
		contentType = body.ContentType
	}
	if filename == "" {
		http.Error(w, "Filename is required", http.StatusBadRequest)
		return
	}

	// Validate folder
	validFolders := map[string]bool{"avatars": true, "resumes": true, "logos": true, "uploads": true, "documents": true}
	if !validFolders[folder] {
		http.Error(w, "Invalid folder", http.StatusBadRequest)
		return
	}

	// Generate a unique key
	ext := filepath.Ext(filename)
	if ext == "" {
		// Attempt to guess from contentType if needed, or just allow no ext
	}

	// Key format: {folder}/{userID}/{timestamp}_{random}{ext}
	// Using user ID ensures isolation if needed, or use a UUID.
	key := fmt.Sprintf("%s/%s/%d_%s", folder, userID, time.Now().Unix(), strings.ReplaceAll(filename, " ", "_"))

	url, err := h.storageService.GetPresignedUploadURL(r.Context(), key, contentType)
	if err != nil {
		// If credentials missing, log error and return 500
		// "storage credentials incomplete" might mean admin needs to configure them.
		http.Error(w, "Failed to generate upload URL: "+err.Error(), http.StatusInternalServerError)
		return
	}

	publicURL, err := h.storageService.GetPublicURL(r.Context(), key)
	if err != nil {
		http.Error(w, "Failed to generate public URL: "+err.Error(), http.StatusInternalServerError)
		return
	}

	// Return simple JSON
	resp := map[string]string{
		"url":       url,
		"uploadUrl": url,
		"key":       key,       // Client needs key to save to DB profile
		"publicUrl": publicURL, // Public URL for immediate use
	}
	respWithExpiry := map[string]interface{}{}
	for k, v := range resp {
		respWithExpiry[k] = v
	}
	respWithExpiry["expiresIn"] = int((15 * time.Minute).Seconds())

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(respWithExpiry)
}

// UploadFile handles direct file uploads via proxy
func (h *StorageHandler) UploadFile(w http.ResponseWriter, r *http.Request) {
	// 1. Parse Multipart Form
	// Max size 5MB
	if err := r.ParseMultipartForm(5 << 20); err != nil {
		http.Error(w, "File too large or invalid form", http.StatusBadRequest)
		return
	}

	file, header, err := r.FormFile("file")
	if err != nil {
		http.Error(w, "File is required", http.StatusBadRequest)
		return
	}
	defer file.Close()

	// 2. Validate Folder/Auth
	userIDVal := r.Context().Value(middleware.ContextUserID)
	userID, _ := userIDVal.(string)

	folder := r.FormValue("folder")
	if folder == "" {
		folder = "uploads"
	}

	validFolders := map[string]bool{"avatars": true, "resumes": true, "logos": true, "uploads": true, "documents": true}
	if !validFolders[folder] {
		http.Error(w, "Invalid folder", http.StatusBadRequest)
		return
	}

	if userID == "" {
		if folder != "resumes" {
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		}
		userID = fmt.Sprintf("guest_%d", time.Now().UnixNano())
	}

	// 3. Prepare Upload Path
	filename := header.Filename
	// Clean filename
	filename = strings.ReplaceAll(filename, " ", "_")
	// Use timestamp to avoid collisions
	finalFilename := fmt.Sprintf("%d_%s", time.Now().Unix(), filename)

	// Folder path: folder/userID
	uploadFolder := fmt.Sprintf("%s/%s", folder, userID)

	// Determine Content-Type
	contentType := header.Header.Get("Content-Type")
	if contentType == "" {
		contentType = "application/octet-stream"
	}

	// 4. Upload via Service
	publicURL, err := h.storageService.UploadFile(r.Context(), file, uploadFolder, finalFilename, contentType)
	if err != nil {
		http.Error(w, "Failed to upload file: "+err.Error(), http.StatusInternalServerError)
		return
	}

	// 5. Response
	resp := map[string]string{
		"url":       publicURL, // For proxy, publicURL is the result
		"key":       fmt.Sprintf("%s/%s", uploadFolder, finalFilename),
		"publicUrl": publicURL,
	}

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(resp)
}

// GetDownloadURL returns a pre-signed URL for downloading a file.
func (h *StorageHandler) GetDownloadURL(w http.ResponseWriter, r *http.Request) {
	var body downloadURLRequest
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		http.Error(w, "Invalid request body", http.StatusBadRequest)
		return
	}

	if body.Key == "" {
		http.Error(w, "Key is required", http.StatusBadRequest)
		return
	}

	url, err := h.storageService.GetPresignedDownloadURL(r.Context(), body.Key)
	if err != nil {
		http.Error(w, "Failed to generate download URL: "+err.Error(), http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"downloadUrl": url,
		"expiresIn":   int((60 * time.Minute).Seconds()),
	})
}

// DeleteFile removes an object from storage by key.
func (h *StorageHandler) DeleteFile(w http.ResponseWriter, r *http.Request) {
	key := r.URL.Query().Get("key")
	if key == "" {
		http.Error(w, "Key query parameter is required", http.StatusBadRequest)
		return
	}

	if err := h.storageService.DeleteObject(r.Context(), key); err != nil {
		http.Error(w, "Failed to delete file: "+err.Error(), http.StatusInternalServerError)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}

// TestConnection validates storage credentials and bucket access.
func (h *StorageHandler) TestConnection(w http.ResponseWriter, r *http.Request) {
	if err := h.storageService.TestConnection(r.Context()); err != nil {
		http.Error(w, "Storage connection failed: "+err.Error(), http.StatusBadRequest)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]string{"message": "Storage connection successful"})
}