package space.anyi.serve.controller;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;
import space.anyi.serve.entity.Response;
import space.anyi.serve.entity.auth.JwtUserDetails;
import space.anyi.serve.entity.realname.RealnameAuth;
import space.anyi.serve.entity.realname.RealnameAuthVo;
import space.anyi.serve.service.RealnameAuthService;

import java.util.List;
import java.util.Map;

@Tag(name = "RealnameAuthController", description = "实名认证")
@RestController
@RequestMapping("api/realname")
public class RealnameAuthController {

    private final RealnameAuthService realnameAuthService;

    public RealnameAuthController(RealnameAuthService realnameAuthService) {
        this.realnameAuthService = realnameAuthService;
    }

    @Operation(summary = "提交实名认证")
    @PreAuthorize("hasAnyRole('ROLE_user', 'ROLE_expert', 'ROLE_admin')")
    @PostMapping
    public Response<Void> submit(@Valid @RequestBody Map<String, String> body, Authentication authentication) {
        JwtUserDetails details = (JwtUserDetails) authentication.getPrincipal();
        Long userId = details.getUser().getId();
        realnameAuthService.submit(userId, body.get("realName"), body.get("idCard"),
                body.get("idCardFront"), body.get("idCardBack"));
        return Response.ok();
    }

    @Operation(summary = "查询自己的认证信息")
    @PreAuthorize("hasAnyRole('ROLE_user', 'ROLE_expert', 'ROLE_admin')")
    @GetMapping
    public Response<RealnameAuthVo> getMyAuth(Authentication authentication) {
        JwtUserDetails details = (JwtUserDetails) authentication.getPrincipal();
        Long userId = details.getUser().getId();
        RealnameAuth auth = realnameAuthService.getByUserId(userId);
        return Response.ok(RealnameAuthVo.from(auth));
    }

    @Operation(summary = "管理员审核实名认证")
    @PreAuthorize("hasRole('ROLE_admin')")
    @PutMapping("{id}/review")
    public Response<Void> review(@PathVariable Long id, @RequestBody Map<String, Object> body) {
        Boolean approved = (Boolean) body.get("approved");
        String rejectReason = (String) body.get("rejectReason");
        if (approved == null) return Response.error("请指定审核结果");
        realnameAuthService.review(id, approved, rejectReason);
        return Response.ok();
    }

    @Operation(summary = "获取所有待审核认证（管理员）")
    @PreAuthorize("hasRole('ROLE_admin')")
    @GetMapping("pending")
    public Response<List<RealnameAuthVo>> listPending() {
        List<RealnameAuth> list = realnameAuthService.lambdaQuery()
                .eq(RealnameAuth::getStatus, "pending").list();
        return Response.ok(RealnameAuthVo.from(list));
    }
}