"""Authentication API endpoints."""
from __future__ import annotations

from fastapi import APIRouter, Depends, HTTPException, status
from pydantic import BaseModel, EmailStr

from app.api.deps import get_auth_service
from app.models.token import LoginRequest, TokenResponse
from app.services.auth_service import AuthService, InvalidCredentialsError

router = APIRouter(prefix="/auth", tags=["auth"])


class RegisterRequest(BaseModel):
    email: EmailStr
    password: str
    name: str
    organization_name: str


def _stub(detail: str) -> dict[str, str]:
    return {"detail": detail}


@router.post("/register", status_code=status.HTTP_501_NOT_IMPLEMENTED)
async def register_user(_: RegisterRequest) -> dict[str, str]:
    """Placeholder for user plus organization registration flow."""
    return _stub("POST /auth/register is not implemented yet")


@router.post("/login", status_code=status.HTTP_501_NOT_IMPLEMENTED)
async def login(_: LoginRequest) -> dict[str, str]:
    """Placeholder for login shortcut endpoint defined in the spec."""
    return _stub("POST /auth/login is not implemented yet")


@router.post("/token", response_model=TokenResponse)
async def login_for_access_token(
    credentials: LoginRequest,
    service: AuthService = Depends(get_auth_service),
) -> TokenResponse:
    try:
        user = await service.authenticate(credentials.email, credentials.password)
    except InvalidCredentialsError as exc:  # pragma: no cover - thin API
        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(exc)) from exc
    return service.create_access_token(user)