package com.xuqm.tenant.controller;

import com.xuqm.common.exception.BusinessException;
import com.xuqm.common.model.ApiResponse;
import com.xuqm.tenant.dto.CreateSubAccountRequest;
import com.xuqm.tenant.entity.TenantEntity;
import com.xuqm.tenant.service.EmailService;
import com.xuqm.tenant.service.SubAccountService;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Email;
import jakarta.validation.constraints.NotBlank;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;
import java.util.Map;

@RestController
@RequestMapping("/api/sub-accounts")
public class SubAccountController {

    private final SubAccountService subAccountService;
    private final EmailService emailService;

    public SubAccountController(SubAccountService subAccountService, EmailService emailService) {
        this.subAccountService = subAccountService;
        this.emailService = emailService;
    }

    @GetMapping
    public ResponseEntity<ApiResponse<List<TenantEntity>>> list(@AuthenticationPrincipal String tenantId) {
        return ResponseEntity.ok(ApiResponse.success(subAccountService.listByParent(tenantId)));
    }

    @PostMapping("/send-verify-code")
    public ResponseEntity<ApiResponse<Void>> sendVerifyCode(@RequestParam @NotBlank @Email String email,
                                                             @AuthenticationPrincipal String tenantId) {
        emailService.sendVerificationCode(email, "SUB_ACCOUNT");
        return ResponseEntity.ok(ApiResponse.ok());
    }

    @PostMapping("/verify-email")
    public ResponseEntity<ApiResponse<Void>> verifyEmail(@RequestParam @NotBlank @Email String email,
                                                          @RequestParam @NotBlank String code,
                                                          @AuthenticationPrincipal String tenantId) {
        subAccountService.verifyEmail(tenantId, email, code);
        return ResponseEntity.ok(ApiResponse.ok());
    }

    @PostMapping
    public ResponseEntity<ApiResponse<TenantEntity>> create(@Valid @RequestBody CreateSubAccountRequest req,
                                                             @AuthenticationPrincipal String tenantId) {
        if (!subAccountService.isEmailVerifiedInSession(tenantId)) {
            throw new BusinessException(403, "请先完成邮箱验证");
        }
        return ResponseEntity.ok(ApiResponse.success(subAccountService.create(tenantId, req)));
    }

    @DeleteMapping("/{id}")
    public ResponseEntity<ApiResponse<Void>> disable(@PathVariable String id,
                                                      @AuthenticationPrincipal String tenantId) {
        subAccountService.disable(id, tenantId);
        return ResponseEntity.ok(ApiResponse.ok());
    }

    @GetMapping("/generate-password")
    public ResponseEntity<ApiResponse<Map<String, String>>> generatePassword() {
        return ResponseEntity.ok(ApiResponse.success(Map.of("password", subAccountService.generatePassword())));
    }
}