"""Account API views: registration, own profile, phone OTP and a social-login stub."""

from django.contrib.auth import get_user_model
from django.shortcuts import get_object_or_404
from rest_framework import generics, permissions, status
from rest_framework.response import Response
from rest_framework.views import APIView

from apps.accounts.models import PhoneOTP
from apps.accounts.serializers import (
    OTPRequestSerializer,
    OTPVerifySerializer,
    RegisterSerializer,
    UserSerializer,
)
from apps.accounts.services.otp import create_and_send_otp, verify_otp

# Resolve the project's configured user model once at import time.
User = get_user_model()


class RegisterView(generics.CreateAPIView):
    """Create a new account; open to unauthenticated callers."""

    # All input validation is delegated to RegisterSerializer (not shown here).
    serializer_class = RegisterSerializer
    permission_classes = [permissions.AllowAny]


class MeView(generics.RetrieveUpdateAPIView):
    """Read or update the profile of the authenticated caller."""

    serializer_class = UserSerializer
    permission_classes = [permissions.IsAuthenticated]

    def get_object(self):
        """Return the requesting user, so no URL lookup can address another account."""
        # NOTE(review): which fields PUT/PATCH may write is decided by
        # UserSerializer. Confirm that is_phone_verified (and phone_number, if
        # changing it should require re-verification) are read-only there;
        # otherwise this endpoint would sidestep the OTP flow below.
        return self.request.user


class OTPRequestView(APIView):
    """Issue a phone OTP for a given number and delivery channel."""

    # NOTE(review): this endpoint is unauthenticated and declares no
    # throttle_classes. Unless throttling is configured globally or enforced
    # inside create_and_send_otp, nothing visible here bounds how often a
    # client can trigger a message to an arbitrary number. Confirm a
    # per-number and per-client rate limit exists.
    permission_classes = [permissions.AllowAny]

    def post(self, request):
        """Validate the payload, create and send an OTP, and return its handle.

        Responds 201 with the ``request_id`` and ``expires_at`` taken from the
        service result; invalid payloads raise from ``is_valid``.
        """
        request_serializer = OTPRequestSerializer(data=request.data)
        request_serializer.is_valid(raise_exception=True)
        payload = request_serializer.validated_data

        phone_number = payload["phone_number"]
        channel = payload["channel"]
        sent = create_and_send_otp(phone_number, channel)

        body = {"request_id": sent.request_id, "expires_at": sent.expires_at}
        return Response(body, status=status.HTTP_201_CREATED)


class OTPVerifyView(APIView):
    """Check a submitted OTP code and mark the matching user's phone as verified."""

    # NOTE(review): unauthenticated and with no throttle_classes on the view.
    # Any attempt counter, expiry and single-use handling must live in
    # verify_otp / PhoneOTP; confirm they do, since this view applies no limit
    # of its own on repeated guesses against one request_id.
    permission_classes = [permissions.AllowAny]

    def post(self, request):
        """Verify ``code`` against the PhoneOTP identified by ``request_id``.

        Responds 404 when no PhoneOTP has that id, 400 when ``verify_otp``
        rejects the code, and 200 otherwise.
        """
        verify_serializer = OTPVerifySerializer(data=request.data)
        verify_serializer.is_valid(raise_exception=True)
        payload = verify_serializer.validated_data

        # An unknown request_id yields 404 while a wrong code yields 400, so
        # the two cases are distinguishable to the caller.
        otp_record = get_object_or_404(PhoneOTP, id=payload["request_id"])

        code_accepted = verify_otp(otp_record, payload["code"])
        if not code_accepted:
            return Response(
                {"detail": "Invalid or expired code"},
                status=status.HTTP_400_BAD_REQUEST,
            )

        # The flag is set on whichever user row carries this phone number; the
        # caller is not tied to that account here.
        # NOTE(review): .first() picks one row -- confirm phone_number is unique
        # on the user model and that this binding is the intended one.
        account = User.objects.filter(phone_number=otp_record.phone_number).first()
        if account and not account.is_phone_verified:
            account.is_phone_verified = True
            # Write only the changed column.
            account.save(update_fields=["is_phone_verified"])

        return Response({"detail": "Phone verified"}, status=status.HTTP_200_OK)


class SocialLoginPlaceholderView(APIView):
    """Stub for social login; always answers 501 until a provider is wired in."""

    permission_classes = [permissions.AllowAny]

    def post(self, request, provider):
        """Return a fixed 501 response; ``provider`` is accepted but unused."""
        not_configured = {
            "detail": "Social login not configured yet. Add OAuth provider config."
        }
        return Response(not_configured, status=status.HTTP_501_NOT_IMPLEMENTED)