from fastapi import APIRouter, HTTPException, Depends 
from model.admin_model import AdminLoginPayload, AdminModel
from utils.turnstile_helper import verify_turnstile

router = APIRouter(prefix="/admin", tags=["Admin API"])

@router.post("/login", dependencies=[Depends(verify_turnstile)])
async def admin_login(payload: AdminLoginPayload):
    admin_user = AdminModel.verify_login(payload.email, payload.password)
    
    if admin_user:
        return {
            "success": True,
            "data": {
                "id": admin_user["_id"],
                "email": admin_user["email"],
                "firstName": admin_user["firstName"],
                "lastName": admin_user["lastName"],
                "role": admin_user["role"],
                "hasPassword": True
            }
        }
    return {"success": False, "message": "Tài khoản hoặc mật khẩu Quản trị viên không đúng!"}

@router.get("/me")
def get_admin_me(email: str):
    # Ủy quyền cho Model kiểm tra
    has_permission, message = AdminModel.verify_permission(email)
    if not has_permission:
        raise HTTPException(status_code=403, detail=message)
    
    return {
        "success": True,
        "data": {
            "id": "admin_system",
            "email": "admin@factory.com",
            "firstName": "Admin",
            "role": "admin"
        }
    }