package controllers

import (
	"encoding/json"
	"io"
	"strings"

	"server/pkg/jwtutil"
	"server/services"

	beego "github.com/beego/beego/v2/server/web"
)

type platformLoginRequest struct {
	TenantName string `json:"tenant_name"`
	Account    string `json:"account"`
	Password   string `json:"password"`
}

// PlatformAuthController 平台端认证控制器
type PlatformAuthController struct {
	beego.Controller
}

// Login 平台登录
func (c *PlatformAuthController) Login() {
	var req platformLoginRequest

	// 支持前端以 JSON body 方式提交
	body, err := io.ReadAll(c.Ctx.Request.Body)
	if err != nil {
		c.Data["json"] = map[string]interface{}{
			"code": 400,
			"msg":  "参数错误",
		}
		_ = c.ServeJSON()
		return
	}

	if err := json.Unmarshal(body, &req); err != nil {
		c.Data["json"] = map[string]interface{}{
			"code": 400,
			"msg":  "参数错误",
		}
		_ = c.ServeJSON()
		return
	}

	if req.TenantName == "" || req.Account == "" || req.Password == "" {
		c.Data["json"] = map[string]interface{}{
			"code": 400,
			"msg":  "租户名称、用户名或密码不能为空",
		}
		_ = c.ServeJSON()
		return
	}

	// 控制器只做 HTTP 解析与响应编排，业务逻辑放 services 层
	token, loginUser, err := services.PlatformLogin(req.TenantName, req.Account, req.Password)
	if err != nil {
		c.Data["json"] = map[string]interface{}{
			"code": 401,
			"msg":  err.Error(),
		}
		_ = c.ServeJSON()
		return
	}

	c.Data["json"] = map[string]interface{}{
		"code": 200,
		"msg":  "登录成功",
		"data": map[string]interface{}{
			"token": token,
			"user": map[string]interface{}{
				"id":        loginUser.ID,
				"account":   loginUser.Account,
				"name":      loginUser.Name,
				"tid":       loginUser.Tid,
				"rid":       loginUser.Rid,
				"avatar":    loginUser.Avatar,
				"role_name": loginUser.RoleName,
			},
		},
	}
	_ = c.ServeJSON()
}

// GetCurrentUser 当前登录平台用户信息（含角色名称），需 Bearer Token
func (c *PlatformAuthController) GetCurrentUser() {
	authHeader := c.Ctx.Request.Header.Get("Authorization")
	if authHeader == "" {
		c.Data["json"] = map[string]interface{}{"code": 401, "msg": "未登录"}
		_ = c.ServeJSON()
		return
	}
	authParts := strings.SplitN(authHeader, " ", 2)
	if len(authParts) != 2 || authParts[0] != "Bearer" {
		c.Data["json"] = map[string]interface{}{"code": 401, "msg": "认证信息格式错误"}
		_ = c.ServeJSON()
		return
	}
	claims, err := jwtutil.ParseToken(authParts[1])
	if err != nil {
		c.Data["json"] = map[string]interface{}{"code": 401, "msg": "无效的token"}
		_ = c.ServeJSON()
		return
	}
	if claims.UserType != "platform" {
		c.Data["json"] = map[string]interface{}{"code": 403, "msg": "无权访问"}
		_ = c.ServeJSON()
		return
	}
	loginUser, err := services.PlatformGetCurrentUser(uint64(claims.UserID))
	if err != nil {
		c.Data["json"] = map[string]interface{}{"code": 401, "msg": err.Error()}
		_ = c.ServeJSON()
		return
	}
	c.Data["json"] = map[string]interface{}{
		"code": 200,
		"msg":  "success",
		"data": map[string]interface{}{
			"id":        loginUser.ID,
			"account":   loginUser.Account,
			"name":      loginUser.Name,
			"rid":       loginUser.Rid,
			"avatar":    loginUser.Avatar,
			"role_name": loginUser.RoleName,
		},
	}
	_ = c.ServeJSON()
}

// SendLoginCode 发送登录验证码（占位实现）
func (c *PlatformAuthController) SendLoginCode() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "发送登录验证码暂未实现",
	}
	_ = c.ServeJSON()
}

// LoginBySms 手机号验证码登录（占位实现）
func (c *PlatformAuthController) LoginBySms() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "手机号验证码登录暂未实现",
	}
	_ = c.ServeJSON()
}

// Logout 平台退出登录（占位实现，当前为无状态直接返回成功）
func (c *PlatformAuthController) Logout() {
	c.Data["json"] = map[string]interface{}{
		"code": 200,
		"msg":  "退出成功",
	}
	_ = c.ServeJSON()
}

// GetGeetest3Infos 获取极验3.0配置（占位实现）
func (c *PlatformAuthController) GetGeetest3Infos() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "极验3.0暂未实现",
	}
	_ = c.ServeJSON()
}

// GetGeetest4Infos 获取极验4.0配置（占位实现）
func (c *PlatformAuthController) GetGeetest4Infos() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "极验4.0暂未实现",
	}
	_ = c.ServeJSON()
}

// GetOpenVerify 判断是否开启登录验证（占位实现）
func (c *PlatformAuthController) GetOpenVerify() {
	c.Data["json"] = map[string]interface{}{
		"code": 200,
		"msg":  "ok",
		// data 为配置项数组，这里固定关闭验证：openVerify=0
		"data": []map[string]string{
			{
				"label": "openVerify",
				"value": "0",
			},
		},
	}
	_ = c.ServeJSON()
}

// Register 注册（占位实现）
func (c *PlatformAuthController) Register() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "注册暂未实现",
	}
	_ = c.ServeJSON()
}

// SendRegisterCode 发送注册验证码（占位实现）
func (c *PlatformAuthController) SendRegisterCode() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "发送注册验证码暂未实现",
	}
	_ = c.ServeJSON()
}

// ResetPassword 忘记密码重置（占位实现）
func (c *PlatformAuthController) ResetPassword() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "重置密码暂未实现",
	}
	_ = c.ServeJSON()
}

// SendResetCode 发送找回密码验证码（占位实现）
func (c *PlatformAuthController) SendResetCode() {
	c.Data["json"] = map[string]interface{}{
		"code": 501,
		"msg":  "发送找回密码验证码暂未实现",
	}
	_ = c.ServeJSON()
}