import { getServerSession } from "next-auth";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
import { NextResponse } from "next/server";

// Helper function to delete user from Leantime
async function deleteLeantimeUser(email: string): Promise<{ success: boolean; error?: string }> {
  try {
    // First, get all users from Leantime
    const getUsersResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'X-API-Key': process.env.LEANTIME_TOKEN || '',
      },
      body: JSON.stringify({
        method: 'leantime.rpc.Users.Users.getAll',
        jsonrpc: '2.0',
        id: 1,
        params: {}
      })
    });

    const getUsersData = await getUsersResponse.json();
    console.log('Leantime get users response:', getUsersData);

    if (!getUsersResponse.ok || !getUsersData.result) {
      console.error('Failed to get Leantime users:', getUsersData);
      return { 
        success: false, 
        error: getUsersData.error?.message || 'Failed to get users in Leantime' 
      };
    }

    // Find the user with matching email
    const user = getUsersData.result.find((u: any) => u.username === email);
    if (!user) {
      console.log('User not found in Leantime, might have been already deleted');
      return { success: true }; // Consider it a success if user doesn't exist
    }

    // Now delete the user using their Leantime ID
    const deleteResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'X-API-Key': process.env.LEANTIME_TOKEN || '',
      },
      body: JSON.stringify({
        method: 'leantime.rpc.Users.Users.deleteUser',
        jsonrpc: '2.0',
        id: 1,
        params: {
          id: user.id
        }
      })
    });

    const deleteData = await deleteResponse.json();
    console.log('Leantime delete response:', deleteData);

    if (!deleteResponse.ok || !deleteData.result) {
      console.error('Leantime user deletion failed:', deleteData);
      return { 
        success: false, 
        error: deleteData.error?.message || 'Failed to delete user in Leantime' 
      };
    }

    return { success: true };
  } catch (error) {
    console.error('Error deleting Leantime user:', error);
    return { 
      success: false, 
      error: 'Error deleting user in Leantime' 
    };
  }
}

//TODO: Ajouter la suppression automatique du compte Nextcloud
export async function DELETE(
  req: Request,
  { params }: { params: { userId: string } }
) {
  const session = await getServerSession(authOptions);

  if (!session) {
    return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
  }

  try {
    // First get an admin token using client credentials
    const tokenResponse = await fetch(
      `${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
      {
        method: 'POST',
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
        },
        body: new URLSearchParams({
          grant_type: 'client_credentials',
          client_id: process.env.KEYCLOAK_CLIENT_ID!,
          client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
        }),
      }
    );

    const tokenData = await tokenResponse.json();
    
    if (!tokenResponse.ok) {
      console.error("Failed to get admin token:", tokenData);
      return NextResponse.json(
        { error: "Erreur d'authentification" },
        { status: 401 }
      );
    }

    // Get user details before deletion to get their email
    const userResponse = await fetch(
      `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
      {
        headers: {
          Authorization: `Bearer ${tokenData.access_token}`,
        },
      }
    );

    if (!userResponse.ok) {
      console.error("Failed to get user details:", await userResponse.text());
      return NextResponse.json(
        { error: "Erreur lors de la récupération des détails de l'utilisateur" },
        { status: userResponse.status }
      );
    }

    const userDetails = await userResponse.json();

    // Delete user from Keycloak
    const deleteResponse = await fetch(
      `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
      {
        method: "DELETE",
        headers: {
          Authorization: `Bearer ${tokenData.access_token}`,
        },
      }
    );

    console.log("Keycloak delete response:", {
      status: deleteResponse.status,
      ok: deleteResponse.ok
    });

    if (!deleteResponse.ok) {
      const errorText = await deleteResponse.text();
      console.error("Delete error:", errorText);
      return NextResponse.json(
        { error: "Erreur lors de la suppression", details: errorText },
        { status: deleteResponse.status }
      );
    }

    // Delete user from Leantime
    const leantimeResult = await deleteLeantimeUser(userDetails.email);

    if (!leantimeResult.success) {
      console.error("Leantime user deletion failed:", leantimeResult.error);
      // We don't return an error here since Keycloak user was deleted successfully
      // We just log the error and continue
    }

    return NextResponse.json({ success: true });
  } catch (error) {
    console.error("Error deleting user:", error);
    return NextResponse.json(
      { error: "Erreur serveur", details: error },
      { status: 500 }
    );
  }
}

export async function PUT(
  req: Request,
  { params }: { params: { userId: string } }
) {
  const session = await getServerSession(authOptions);

  if (!session) {
    return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
  }

  try {
    const body = await req.json();

    // Get client credentials token
    const tokenResponse = await fetch(
      `${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
      {
        method: 'POST',
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
        },
        body: new URLSearchParams({
          grant_type: 'client_credentials',
          client_id: process.env.KEYCLOAK_CLIENT_ID!,
          client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
        }),
      }
    );

    const tokenData = await tokenResponse.json();

    if (!tokenResponse.ok) {
      console.error("Failed to get token:", tokenData);
      return NextResponse.json({ error: "Failed to get token" }, { status: 500 });
    }

    // Update user
    const updateResponse = await fetch(
      `${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
      {
        method: 'PUT',
        headers: {
          'Authorization': `Bearer ${tokenData.access_token}`,
          'Content-Type': 'application/json',
        },
        body: JSON.stringify(body),
      }
    );

    if (!updateResponse.ok) {
      const errorData = await updateResponse.json();
      console.error("Failed to update user:", errorData);
      return NextResponse.json({ error: "Failed to update user" }, { status: updateResponse.status });
    }

    return NextResponse.json({ success: true });
  } catch (error) {
    console.error("Error in PUT user:", error);
    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
  }
}