from fastapi import APIRouter, Depends, Request
from pydantic import BaseModel, EmailStr, Field
from asyncpg import Connection

from app.api.dependencies.database import get_connection
from app.db.repositories.users import UsersRepository
from app.services.password_reset import send_reset_code_by_email, reset_password_with_code

# ❌ 不要再写 prefix，这里只负责声明相对路径
router = APIRouter(tags=["auth-password"])

class PasswordForgotIn(BaseModel):
    email: EmailStr

@router.post("/forgot")
async def forgot_password(
    payload: PasswordForgotIn,
    request: Request,
    conn: Connection = Depends(get_connection),
):
    users_repo = UsersRepository(conn)
    await send_reset_code_by_email(request, conn, users_repo, payload.email)
    return {"ok": True}

class PasswordResetIn(BaseModel):
    email: EmailStr
    code: str = Field(min_length=4, max_length=12)
    password: str = Field(min_length=6)
    confirm_password: str = Field(min_length=6)

@router.post("/reset")
async def reset_password(
    payload: PasswordResetIn,
    conn: Connection = Depends(get_connection),
):
    if payload.password != payload.confirm_password:
        return {"ok": False, "detail": "两次输入的密码不一致"}

    users_repo = UsersRepository(conn)
    await reset_password_with_code(
        conn,
        users_repo,
        email=payload.email,
        code=payload.code,
        new_password=payload.password,
    )
    return {"ok": True}