"""Authentication routes."""
from fastapi import APIRouter, HTTPException, status, Depends
from datetime import timedelta
from core.security import create_access_token, get_current_user
from domain.models import TokenRequest, TokenResponse
from config import settings

router = APIRouter(prefix="/auth", tags=["Authentication"])


@router.post("/token", response_model=TokenResponse)
async def get_token(request: TokenRequest) -> TokenResponse:
    """
    Generate a JWT access token.
    
    Pour l'instant, cette route génère un token sans vérification.
    En production, vous devriez vérifier username/password.
    
    Returns:
        JWT access token with expiration info
    """
    # Pour l'instant, on crée un token avec des données minimales
    # Plus tard, on pourrait ajouter username, user_id, roles, etc.
    access_token = create_access_token(
        data={"sub": "user", "type": "access"},
        expires_delta=timedelta(minutes=settings.jwt_expiration_minutes)
    )
    
    return TokenResponse(
        access_token=access_token,
        token_type="bearer",
        expires_in=settings.jwt_expiration_minutes * 60  # en secondes
    )


@router.get("/verify")
async def verify_token_endpoint(current_user: dict = Depends(get_current_user)):
    """
    Verify if the provided token is valid.
    This endpoint is protected and requires a valid JWT token.
    
    Returns:
        Token payload if valid
    """
    return {
        "valid": True,
        "user": current_user
    }