import { api } from './api';
import { AUTHENTIK_URL, CLIENT_ID } from '../utils/config';
import { User } from '../types/auth.types';

const REDIRECT_URI = `${window.location.origin}/auth/callback`;

export interface AuthCallbackResponse {
  token: string;
  user: User;
}

export const authService = {
  /**
   * Generate Authentik authorization URL
   */
  getAuthUrl(): string {
    const params = new URLSearchParams({
      client_id: CLIENT_ID,
      redirect_uri: REDIRECT_URI,
      response_type: 'code',
      scope: 'openid profile email',
    });

    return `${AUTHENTIK_URL}/application/o/authorize/?${params.toString()}`;
  },

  /**
   * Handle OAuth callback - send code to backend, receive JWT
   */
  async handleCallback(code: string): Promise<AuthCallbackResponse> {
    const response = await api.post<AuthCallbackResponse>('/api/auth/callback', {
      code,
      redirect_uri: REDIRECT_URI,
    });
    return response.data;
  },

  /**
   * Logout - clear tokens
   */
  async logout(): Promise<void> {
    try {
      // Optionally call backend logout endpoint
      await api.post('/api/auth/logout');
    } catch (error) {
      console.error('Error during logout:', error);
      // Continue with logout even if backend call fails
    }
  },

  /**
   * Get current user information
   */
  async getCurrentUser(): Promise<User> {
    const response = await api.get<User>('/api/user/me');
    return response.data;
  },
};