"""Authentification simple — session cookie."""
from fastapi import Depends, HTTPException, Request
from fastapi.responses import RedirectResponse
from starlette.middleware.sessions import SessionMiddleware
from app.config import APP_USER, APP_PASSWORD, SECRET_KEY

SESSION_KEY = "gsparc_user"


def init_auth(app):
    """Initialise le middleware de session sur l'app FastAPI."""
    app.add_middleware(SessionMiddleware, secret_key=SECRET_KEY, session_cookie="gsparc_session")


def login_user(request: Request, username: str, password: str) -> bool:
    """Vérifie les credentials et crée une session."""
    if username == APP_USER and password == APP_PASSWORD:
        request.session[SESSION_KEY] = username
        return True
    return False


def logout_user(request: Request):
    """Détruit la session."""
    request.session.clear()


async def require_auth(request: Request):
    """Dépendance FastAPI qui protège les routes."""
    user = request.session.get(SESSION_KEY)
    if not user:
        # Si c'est une API, retourner 401 ; si c'est une page, rediriger vers login
        if request.headers.get("accept", "").startswith("application/json"):
            raise HTTPException(status_code=401, detail="Authentification requise")
        raise HTTPException(status_code=303, headers={"Location": "/login"})
    return user