app/routers/customer.py

from fastapi import APIRouter, Depends, HTTPException, Request, status, Query
from sqlalchemy.orm import Session
from typing import List, Dict, Any
import uuid
from datetime import datetime, timezone, timedelta

from ..database import get_db, Dish, Order, OrderItem, Person, get_session_db, get_hotel_id_from_request
from ..models.dish import Dish as DishModel
from ..models.order import OrderCreate, Order as OrderModel
from ..models.user import (
    PersonCreate,
    PersonLogin,
    Person as PersonModel,
    PhoneAuthRequest,
    PhoneVerifyRequest,
    UsernameRequest
)
from ..services import firebase_auth
from ..middleware import get_session_id

# Demo mode configuration
DEMO_MODE_ENABLED = True  # Set to False to disable demo mode
DEMO_CUSTOMER_ID = 999999
DEMO_CUSTOMER_USERNAME = "Demo Customer"
DEMO_CUSTOMER_PHONE = "+91-DEMO-USER"

router = APIRouter(
    prefix="/customer",
    tags=["customer"],
    responses={404: {"description": "Not found"}},
)


# Dependency to get session-aware database
def get_session_database(request: Request):
    session_id = get_session_id(request)
    return next(get_session_db(session_id))


# Demo mode endpoint - creates or returns demo customer
@router.post("/api/demo-login", response_model=Dict[str, Any])
def demo_login(request: Request, db: Session = Depends(get_session_database)):
    """
    Demo mode login - bypasses authentication and returns a demo customer
    """
    if not DEMO_MODE_ENABLED:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Demo mode is disabled"
        )

    hotel_id = get_hotel_id_from_request(request)

    # Check if demo customer already exists for this hotel
    demo_user = db.query(Person).filter(
        Person.hotel_id == hotel_id,
        Person.id == DEMO_CUSTOMER_ID
    ).first()

    if not demo_user:
        # Create demo customer
        demo_user = Person(
            id=DEMO_CUSTOMER_ID,
            hotel_id=hotel_id,
            username=DEMO_CUSTOMER_USERNAME,
            password="demo",  # Demo password
            phone_number=DEMO_CUSTOMER_PHONE,
            visit_count=5,  # Show as returning customer
            last_visit=datetime.now(timezone.utc),
            created_at=datetime.now(timezone.utc)
        )
        db.add(demo_user)
        db.commit()
        db.refresh(demo_user)
    else:
        # Update last visit time
        demo_user.last_visit = datetime.now(timezone.utc)
        db.commit()

    return {
        "success": True,
        "message": "Demo login successful",
        "user_exists": True,
        "user_id": demo_user.id,
        "username": demo_user.username,
        "demo_mode": True
    }


# Get all dishes for menu (only visible ones)
@router.get("/api/menu", response_model=List[DishModel])
def get_menu(request: Request, category: str = None, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    if category:
        # Filter dishes that contain the specified category in their JSON array
        import json
        all_dishes = db.query(Dish).filter(
            Dish.hotel_id == hotel_id,
            Dish.visibility == 1
        ).all()

        filtered_dishes = []
        for dish in all_dishes:
            try:
                dish_categories = json.loads(dish.category) if dish.category else []
                if isinstance(dish_categories, list) and category in dish_categories:
                    filtered_dishes.append(dish)
                elif isinstance(dish_categories, str) and dish_categories == category:
                    filtered_dishes.append(dish)
            except (json.JSONDecodeError, TypeError):
                # Backward compatibility: treat as single category
                if dish.category == category:
                    filtered_dishes.append(dish)

        return filtered_dishes
    else:
        dishes = db.query(Dish).filter(
            Dish.hotel_id == hotel_id,
            Dish.visibility == 1
        ).all()
        return dishes


# Get offer dishes (only visible ones)
@router.get("/api/offers", response_model=List[DishModel])
def get_offers(request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)
    dishes = db.query(Dish).filter(
        Dish.hotel_id == hotel_id,
        Dish.is_offer == 1,
        Dish.visibility == 1
    ).all()
    return dishes


# Get special dishes (only visible ones)
@router.get("/api/specials", response_model=List[DishModel])
def get_specials(request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)
    dishes = db.query(Dish).filter(
        Dish.hotel_id == hotel_id,
        Dish.is_special == 1,
        Dish.visibility == 1
    ).all()
    return dishes


# Get all dish categories (only from visible dishes)
@router.get("/api/categories")
def get_categories(request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)
    categories = db.query(Dish.category).filter(
        Dish.hotel_id == hotel_id,
        Dish.visibility == 1
    ).distinct().all()

    # Parse JSON categories and flatten them
    import json
    unique_categories = set()

    for category_tuple in categories:
        category_str = category_tuple[0]
        if category_str:
            try:
                # Try to parse as JSON array
                category_list = json.loads(category_str)
                if isinstance(category_list, list):
                    unique_categories.update(category_list)
                else:
                    unique_categories.add(category_str)
            except (json.JSONDecodeError, TypeError):
                # If not JSON, treat as single category
                unique_categories.add(category_str)

    return sorted(list(unique_categories))


# Register a new user or update existing user
@router.post("/api/register", response_model=PersonModel)
def register_user(user: PersonCreate, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    # Check if user already exists for this hotel
    db_user = db.query(Person).filter(
        Person.hotel_id == hotel_id,
        Person.username == user.username
    ).first()

    if db_user:
        # Update existing user's last visit time (visit count updated only when order is placed)
        db_user.last_visit = datetime.now(timezone.utc)
        db.commit()
        db.refresh(db_user)
        return db_user
    else:
        # Create new user (visit count will be incremented when first order is placed)
        db_user = Person(
            hotel_id=hotel_id,
            username=user.username,
            password=user.password,  # In a real app, you should hash this password
            visit_count=0,
            last_visit=datetime.now(timezone.utc),
        )
        db.add(db_user)
        db.commit()
        db.refresh(db_user)
        return db_user


# Login user
@router.post("/api/login", response_model=Dict[str, Any])
def login_user(user_data: PersonLogin, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    # Find user by username for this hotel
    db_user = db.query(Person).filter(
        Person.hotel_id == hotel_id,
        Person.username == user_data.username
    ).first()

    if not db_user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid username"
        )

    # Check password (in a real app, you would verify hashed passwords)
    if db_user.password != user_data.password:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid password"
        )

    # Update last visit time (but not visit count - that's only updated when order is placed)
    db_user.last_visit = datetime.now(timezone.utc)
    db.commit()

    # Return user info and a success message
    return {
        "user": {
            "id": db_user.id,
            "username": db_user.username,
            "visit_count": db_user.visit_count,
        },
        "message": "Login successful",
    }


# Create new order
@router.post("/api/orders", response_model=OrderModel)
def create_order(
    order: OrderCreate, request: Request, person_id: int = Query(None), db: Session = Depends(get_session_database)
):
    hotel_id = get_hotel_id_from_request(request)

    # If person_id is not provided but we have a username/password, try to find or create the user
    if not person_id and hasattr(order, "username") and hasattr(order, "password"):
        # Check if user exists for this hotel
        db_user = db.query(Person).filter(
            Person.hotel_id == hotel_id,
            Person.username == order.username
        ).first()

        if db_user:
            # Update existing user's visit count
            db_user.visit_count += 1
            db_user.last_visit = datetime.now(timezone.utc)
            db.commit()
            person_id = db_user.id
        else:
            # Create new user (visit count starts at 1 since they're placing their first order)
            db_user = Person(
                hotel_id=hotel_id,
                username=order.username,
                password=order.password,
                visit_count=1,
                last_visit=datetime.now(timezone.utc),
            )
            db.add(db_user)
            db.commit()
            db.refresh(db_user)
            person_id = db_user.id
    elif person_id:
        # If person_id is provided (normal flow), increment visit count for that user
        db_user = db.query(Person).filter(
            Person.hotel_id == hotel_id,
            Person.id == person_id
        ).first()
        if db_user:
            db_user.visit_count += 1
            db_user.last_visit = datetime.now(timezone.utc)
            db.commit()

    # Create order
    db_order = Order(
        hotel_id=hotel_id,
        table_number=order.table_number,
        unique_id=order.unique_id,
        person_id=person_id,  # Link order to person if provided
        status="pending",
    )
    db.add(db_order)
    db.commit()
    db.refresh(db_order)

    # Mark the table as occupied
    from ..database import Table

    db_table = db.query(Table).filter(
        Table.hotel_id == hotel_id,
        Table.table_number == order.table_number
    ).first()
    if db_table:
        db_table.is_occupied = True
        db_table.current_order_id = db_order.id
        db.commit()

    # Create order items
    for item in order.items:
        # Get the dish to include its information and verify it belongs to this hotel
        dish = db.query(Dish).filter(
            Dish.hotel_id == hotel_id,
            Dish.id == item.dish_id
        ).first()
        if not dish:
            continue  # Skip if dish doesn't exist or doesn't belong to this hotel

        db_item = OrderItem(
            hotel_id=hotel_id,
            order_id=db_order.id,
            dish_id=item.dish_id,
            quantity=item.quantity,
            price=dish.price,  # Store price at time of order
            remarks=item.remarks,
        )
        db.add(db_item)

    db.commit()
    db.refresh(db_order)

    return db_order


# Get order status
@router.get("/api/orders/{order_id}", response_model=OrderModel)
def get_order(order_id: int, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    # Use joinedload to load the dish relationship for each order item
    order = db.query(Order).filter(
        Order.hotel_id == hotel_id,
        Order.id == order_id
    ).first()
    if order is None:
        raise HTTPException(status_code=404, detail="Order not found")

    # Explicitly load dish information for each order item
    for item in order.items:
        if not hasattr(item, "dish") or item.dish is None:
            dish = db.query(Dish).filter(
                Dish.hotel_id == hotel_id,
                Dish.id == item.dish_id
            ).first()
            if dish:
                item.dish = dish

    return order


# Get orders by person_id
@router.get("/api/person/{person_id}/orders", response_model=List[OrderModel])
def get_person_orders(person_id: int, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    # Get all orders for a specific person in this hotel
    orders = (
        db.query(Order)
        .filter(
            Order.hotel_id == hotel_id,
            Order.person_id == person_id
        )
        .order_by(Order.created_at.desc())
        .all()
    )

    # Explicitly load dish information for each order item
    for order in orders:
        for item in order.items:
            if not hasattr(item, "dish") or item.dish is None:
                dish = db.query(Dish).filter(
                    Dish.hotel_id == hotel_id,
                    Dish.id == item.dish_id
                ).first()
                if dish:
                    item.dish = dish

    return orders


# Request payment for order
@router.put("/api/orders/{order_id}/payment")
def request_payment(order_id: int, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    try:
        # Check if order exists and is not already paid
        db_order = db.query(Order).filter(
            Order.hotel_id == hotel_id,
            Order.id == order_id
        ).first()
        if db_order is None:
            raise HTTPException(status_code=404, detail="Order not found")

        # Check if order is already paid
        if db_order.status == "paid":
            return {"message": "Order is already paid"}

        # Check if order is completed (ready for payment)
        if db_order.status != "completed":
            raise HTTPException(
                status_code=400,
                detail="Order must be completed before payment can be processed"
            )

        # Calculate order totals and apply discounts
        from ..database import LoyaltyProgram, SelectionOffer, Person

        # Calculate subtotal from order items
        subtotal = 0
        for item in db_order.items:
            if item.dish:
                subtotal += item.dish.price * item.quantity

        # Initialize discount amounts
        loyalty_discount_amount = 0
        loyalty_discount_percentage = 0
        selection_offer_discount_amount = 0

        # Apply loyalty discount if customer is registered
        if db_order.person_id:
            person = db.query(Person).filter(Person.id == db_order.person_id).first()
            if person:
                # Get applicable loyalty discount
                loyalty_tier = (
                    db.query(LoyaltyProgram)
                    .filter(
                        LoyaltyProgram.hotel_id == hotel_id,
                        LoyaltyProgram.visit_count == person.visit_count,
                        LoyaltyProgram.is_active == True,
                    )
                    .first()
                )

                if loyalty_tier:
                    loyalty_discount_percentage = loyalty_tier.discount_percentage
                    loyalty_discount_amount = subtotal * (loyalty_discount_percentage / 100)

        # Apply selection offer discount
        selection_offer = (
            db.query(SelectionOffer)
            .filter(
                SelectionOffer.hotel_id == hotel_id,
                SelectionOffer.min_amount <= subtotal,
                SelectionOffer.is_active == True,
            )
            .order_by(SelectionOffer.min_amount.desc())
            .first()
        )

        if selection_offer:
            selection_offer_discount_amount = selection_offer.discount_amount

        # Calculate final total after discounts
        final_total = subtotal - loyalty_discount_amount - selection_offer_discount_amount

        # Ensure final total is not negative
        final_total = max(0, final_total)

        # Update order with calculated amounts
        db_order.status = "paid"
        db_order.subtotal_amount = subtotal
        db_order.loyalty_discount_amount = loyalty_discount_amount
        db_order.loyalty_discount_percentage = loyalty_discount_percentage
        db_order.selection_offer_discount_amount = selection_offer_discount_amount
        db_order.total_amount = final_total
        db_order.updated_at = datetime.now(timezone.utc)

        # Check if this is the last unpaid order for this table
        from ..database import Table

        # Get all orders for this table that are not paid
        table_unpaid_orders = db.query(Order).filter(
            Order.table_number == db_order.table_number,
            Order.status != "paid",
            Order.status != "cancelled"
        ).all()

        # If this is the only unpaid order, mark table as free
        if len(table_unpaid_orders) == 1 and table_unpaid_orders[0].id == order_id:
            db_table = db.query(Table).filter(Table.table_number == db_order.table_number).first()
            if db_table:
                db_table.is_occupied = False
                db_table.current_order_id = None
                db_table.updated_at = datetime.now(timezone.utc)

        # Commit the transaction
        db.commit()
        db.refresh(db_order)

        return {"message": "Payment completed successfully", "order_id": order_id}

    except HTTPException:
        # Re-raise HTTP exceptions
        db.rollback()
        raise
    except Exception as e:
        # Handle any other exceptions
        db.rollback()
        print(f"Error processing payment for order {order_id}: {str(e)}")
        raise HTTPException(
            status_code=500,
            detail=f"Error processing payment: {str(e)}"
        )


# Cancel order
@router.put("/api/orders/{order_id}/cancel")
def cancel_order(order_id: int, request: Request, db: Session = Depends(get_session_database)):
    hotel_id = get_hotel_id_from_request(request)

    db_order = db.query(Order).filter(
        Order.hotel_id == hotel_id,
        Order.id == order_id
    ).first()
    if db_order is None:
        raise HTTPException(status_code=404, detail="Order not found")

    # Check if order is in pending status (not accepted or completed)
    if db_order.status != "pending":
        raise HTTPException(
            status_code=400,
            detail="Only pending orders can be cancelled. Orders that have been accepted by the chef cannot be cancelled."
        )

    # Update order status to cancelled
    current_time = datetime.now(timezone.utc)
    db_order.status = "cancelled"
    db_order.updated_at = current_time

    # Mark the table as free if this was the current order
    from ..database import Table

    db_table = db.query(Table).filter(Table.table_number == db_order.table_number).first()
    if db_table and db_table.current_order_id == db_order.id:
        db_table.is_occupied = False
        db_table.current_order_id = None
        db_table.updated_at = current_time

    db.commit()

    return {"message": "Order cancelled successfully"}


# Get person details
@router.get("/api/person/{person_id}", response_model=PersonModel)
def get_person(person_id: int, request: Request, db: Session = Depends(get_session_database)):
    person = db.query(Person).filter(Person.id == person_id).first()
    if not person:
        raise HTTPException(status_code=404, detail="Person not found")
    return person


# Phone authentication endpoints
@router.post("/api/phone-auth", response_model=Dict[str, Any])
def phone_auth(auth_request: PhoneAuthRequest, request: Request, db: Session = Depends(get_session_database)):
    """
    Initiate phone authentication by sending OTP
    """
    try:
        # Validate phone number format
        if not auth_request.phone_number.startswith("+91"):
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Phone number must start with +91"
            )

        # Send OTP via Firebase
        result = firebase_auth.verify_phone_number(auth_request.phone_number)

        print(f"Phone auth initiated for: {auth_request.phone_number}, table: {auth_request.table_number}")

        return {
            "success": True,
            "message": "Verification code sent successfully",
            "session_info": result.get("sessionInfo", "firebase-verification-token")
        }
    except HTTPException as e:
        print(f"HTTP Exception in phone_auth: {e.detail}")
        raise e
    except Exception as e:
        print(f"Exception in phone_auth: {str(e)}")
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail=f"Failed to send verification code: {str(e)}"
        )


@router.post("/api/verify-otp", response_model=Dict[str, Any])
def verify_otp(verify_request: PhoneVerifyRequest, request: Request, db: Session = Depends(get_session_database)):
    """
    Verify OTP and authenticate user
    """
    try:
        print(f"Verifying OTP for phone: {verify_request.phone_number}")

        # Verify OTP via Firebase
        # Note: The actual OTP verification is done on the client side with Firebase
        # This is just a validation step
        firebase_auth.verify_otp(
            verify_request.phone_number,
            verify_request.verification_code
        )

        # Check if user exists in database for this hotel
        hotel_id = get_hotel_id_from_request(request)
        user = db.query(Person).filter(
            Person.hotel_id == hotel_id,
            Person.phone_number == verify_request.phone_number
        ).first()

        if user:
            print(f"Existing user found: {user.username}")
            # Existing user - update last visit time (visit count updated only when order is placed)
            user.last_visit = datetime.now(timezone.utc)
            db.commit()
            db.refresh(user)

            return {
                "success": True,
                "message": "Authentication successful",
                "user_exists": True,
                "user_id": user.id,
                "username": user.username
            }
        else:
            print(f"New user with phone: {verify_request.phone_number}")
            # New user - return flag to collect username
            return {
                "success": True,
                "message": "Authentication successful, but user not found",
                "user_exists": False
            }

    except HTTPException as e:
        print(f"HTTP Exception in verify_otp: {e.detail}")
        raise e
    except Exception as e:
        print(f"Exception in verify_otp: {str(e)}")
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail=f"Failed to verify OTP: {str(e)}"
        )


@router.post("/api/register-phone-user", response_model=Dict[str, Any])
def register_phone_user(user_request: UsernameRequest, request: Request, db: Session = Depends(get_session_database)):
    """
    Register a new user after phone authentication
    """
    try:
        hotel_id = get_hotel_id_from_request(request)
        print(f"Registering new user with phone: {user_request.phone_number}, username: {user_request.username}")

        # Check if username already exists for this hotel
        existing_user = db.query(Person).filter(
            Person.hotel_id == hotel_id,
            Person.username == user_request.username
        ).first()
        if existing_user:
            print(f"Username already exists: {user_request.username}")
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Username already exists"
            )

        # Check if phone number already exists for this hotel
        phone_user = db.query(Person).filter(
            Person.hotel_id == hotel_id,
            Person.phone_number == user_request.phone_number
        ).first()
        if phone_user:
            print(f"Phone number already registered: {user_request.phone_number}")
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Phone number already registered"
            )

        # Create new user (visit count will be incremented when first order is placed)
        new_user = Person(
            hotel_id=hotel_id,
            username=user_request.username,
            password="",  # No password needed for phone auth
            phone_number=user_request.phone_number,
            visit_count=0,
            last_visit=datetime.now(timezone.utc)
        )

        db.add(new_user)
        db.commit()
        db.refresh(new_user)

        print(f"User registered successfully: {new_user.id}, {new_user.username}")

        return {
            "success": True,
            "message": "User registered successfully",
            "user_id": new_user.id,
            "username": new_user.username
        }

    except HTTPException as e:
        print(f"HTTP Exception in register_phone_user: {e.detail}")
        raise e
    except Exception as e:
        print(f"Exception in register_phone_user: {str(e)}")
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail=f"Failed to register user: {str(e)}"
        )