"""Main routes for the application."""

from flask import Blueprint

from app.services.decorators import get_current_user, require_auth, require_admin, require_auth_or_api_token, get_user_from_api_token
from app.services.greeting_service import GreetingService

bp = Blueprint("main", __name__)


@bp.route("/")
def index() -> dict[str, str]:
    """Root endpoint that returns a greeting."""
    return GreetingService.get_greeting()


@bp.route("/hello")
@bp.route("/hello/<name>")
def hello(name: str | None = None) -> dict[str, str]:
    """Hello endpoint with optional name parameter."""
    return GreetingService.get_greeting(name)


@bp.route("/protected")
@require_auth
def protected() -> dict[str, str]:
    """Protected endpoint that requires JWT authentication."""
    user = get_current_user()
    return {
        "message": f"Hello {user['name']}, this is a protected endpoint!",
        "user": user
    }


@bp.route("/api-protected")
@require_auth_or_api_token
def api_protected() -> dict[str, str]:
    """Protected endpoint that accepts JWT or API token authentication."""
    # Try to get user from JWT first, then API token
    user = get_current_user()
    if not user:
        user = get_user_from_api_token()
    
    return {
        "message": f"Hello {user['name']}, you accessed this via {user['provider']}!",
        "user": user
    }


@bp.route("/admin")
@require_admin
def admin_only() -> dict[str, str]:
    """Admin-only endpoint to demonstrate role-based access."""
    user = get_current_user()
    return {
        "message": f"Hello admin {user['name']}, you have admin access!",
        "user": user,
        "admin_info": "This endpoint is only accessible to admin users"
    }


@bp.route("/health")
def health() -> dict[str, str]:
    """Health check endpoint."""
    return {"status": "ok"}