from app.schemas import LoginSchema
from app.schemas.response import LoginResponseSchema
from app.repositories import UserRepository
from app.mapper import UserMapper
from google.oauth2 import id_token
from google.auth.transport import requests
from app.configs import Config
from app.exception import AuthException
from werkzeug.security import check_password_hash
from app.helpers import DatetimeUtil
from app.mapper import UserMapper


class AuthService:
    def __init__(self, userRepository: UserRepository):
        self.user_repository = userRepository

    def verify_google_id_token(self, id_token_str):
        payload = id_token.verify_oauth2_token(
            id_token_str, requests.Request(), Config.GOOGLE_CLIENT_ID
        )

        google_id = payload.get("sub")
        email = payload.get("email")

        existing_user = self.user_repository.get_by_google_id(google_id)
        if existing_user:
            if existing_user.email == email:

                return UserMapper.user_entity_to_response(existing_user)
            raise AuthException("Email not match")

        new_user = UserMapper.from_google_payload(google_id, email, payload)

        user_id = self.user_repository.insert_user(user_data=new_user)

        user_data = self.user_repository.get_user_by_id(user_id=user_id)

        return UserMapper.user_entity_to_response(user_data)

    def login(self, data: LoginSchema):
        user_data = self.user_repository.get_user_by_email(data.email)

        if user_data is None:
            return None

        if not check_password_hash(user_data.password, data.password):
            return None
        user_data.password = None

        return UserMapper.user_entity_to_response(user_data)