"use client"

import { useState, useEffect, useCallback, createContext, useContext, ReactNode } from 'react'
import { DataAPI } from '@/lib/data-api'
import type { User } from '@/lib/data-schemas'

// Authentication context types
interface AuthContextType {
  user: User | null
  isLoading: boolean
  isAuthenticated: boolean
  login: (email: string, password: string, rememberMe?: boolean) => Promise<any>
  register: (userData: any) => Promise<void>
  logout: () => Promise<void>
  refreshAuth: () => Promise<void>
}

// Create auth context
const AuthContext = createContext<AuthContextType | null>(null)

// Auth provider component
export function AuthProvider({ children }: { children: ReactNode }) {
  const [user, setUser] = useState<User | null>(null)
  const [isLoading, setIsLoading] = useState(true)

  // Initialize auth state on mount
  useEffect(() => {
    initializeAuth()
  }, [])

  // Periodic session validation to detect suspended accounts
  useEffect(() => {
    if (!user) return

    // Validate session every 5 minutes
    const sessionCheckInterval = setInterval(async () => {
      try {
        console.log('Performing periodic session validation...')
        const currentUser = await DataAPI.getCurrentUser()
        
        if (!currentUser) {
          // Session is no longer valid (suspended, token version mismatch, etc.)
          console.warn('Session validation failed - logging out user')
          await logout()
          
          // Show appropriate message based on status
          if (typeof window !== 'undefined') {
            const message = 'Your session has expired or your account status has changed. Please login again.'
            // Try to show a toast if available
            if ((window as any).showToast) {
              (window as any).showToast(message, 'error')
            } else {
              alert(message)
            }
          }
        } else if (currentUser.status === 'suspended') {
          // Account was suspended
          console.warn('Account suspended - logging out user')
          await logout()
          
          if (typeof window !== 'undefined') {
            const message = 'Your account has been suspended. Please contact support for more information.'
            if ((window as any).showToast) {
              (window as any).showToast(message, 'error')
            } else {
              alert(message)
            }
          }
        }
      } catch (error) {
        console.error('Session validation error:', error)
        // Don't logout on network errors, only on auth errors
        if (error instanceof Error && error.message.includes('401')) {
          await logout()
        }
      }
    }, 5 * 60 * 1000) // Check every 5 minutes

    // Cleanup interval on unmount
    return () => clearInterval(sessionCheckInterval)
  }, [user])

  const initializeAuth = async () => {
    try {
      setIsLoading(true)
      console.log('Initializing auth...')

      // Check if user is authenticated
      const isAuth = DataAPI.isAuthenticated()
      console.log('Is authenticated:', isAuth)
      
      if (isAuth) {
        // Try to get current user profile
        console.log('Fetching current user...')
        const currentUser = await DataAPI.getCurrentUser()
        console.log('Current user:', currentUser)
        
        if (currentUser) {
          setUser(currentUser)
          // Store user role for easy access
          localStorage.setItem('user_role', currentUser.role)
          console.log('User set in auth context:', currentUser.firstName, currentUser.lastName)
        } else {
          console.log('User fetch failed, clearing tokens')
          // Token exists but user fetch failed, clear tokens
          await DataAPI.auth.logout()
          setUser(null)
          localStorage.removeItem('user_role')
        }
      } else {
        console.log('No authentication token found')
        setUser(null)
      }
    } catch (error: any) {
      // Silently handle expired/invalid tokens (expected on public pages)
      // Only log non-authentication errors
      const errorMessage = error?.message || ''
      const isAuthError = errorMessage.includes('401') || 
                          errorMessage.includes('authentication') || 
                          errorMessage.includes('expired') ||
                          errorMessage.includes('invalid token')
      
      if (!isAuthError) {
      console.error('Auth initialization failed:', error)
      } else {
        console.log('Token expired or invalid, user will remain logged out')
      }
      
      // Clear invalid tokens silently
      await DataAPI.auth.logout()
      setUser(null)
      localStorage.removeItem('user_role')
    } finally {
      setIsLoading(false)
      console.log('Auth initialization complete')
    }
  }

  const login = async (email: string, password: string, rememberMe = false) => {
    try {
      setIsLoading(true)

      const response = await DataAPI.auth.login({ email, password, rememberMe })

      console.log('Auth hook - Full API response:', response)

      if (response.success && response.data?.user) {
        // Ensure user object has all required fields
        const userData = response.data.user
        console.log('Auth hook - User data:', userData)
        
        setUser(userData)
        localStorage.setItem('user_role', userData.role)
        
        // Return the full response data including redirectUrl and nextStep
        const returnData = {
          user: userData,
          token: response.data.token,
          nextStep: response.data.nextStep,
          redirectUrl: response.data.redirectUrl
        }
        
        console.log('Auth hook - Returning data:', returnData)
        return returnData
      } else {
        console.error('Auth hook - Invalid response structure:', response)
        throw new Error(response.message || 'Login failed')
      }
    } catch (error) {
      console.error('Auth hook - Login failed:', error)
      throw error
    } finally {
      setIsLoading(false)
    }
  }

  const register = async (userData: any) => {
    try {
      setIsLoading(true)

      const response = await DataAPI.auth.register(userData)

      if (response.success && response.data?.user) {
        setUser(response.data.user)
        localStorage.setItem('user_role', response.data.user.role)
      } else {
        throw new Error(response.message || 'Registration failed')
      }
    } catch (error) {
      console.error('Registration failed:', error)
      throw error
    } finally {
      setIsLoading(false)
    }
  }

  const logout = async () => {
    try {
      setIsLoading(true)
      await DataAPI.auth.logout()
      setUser(null)
      localStorage.removeItem('user_role')
    } catch (error) {
      console.error('Logout failed:', error)
      // Even if API call fails, clear local state
      setUser(null)
      localStorage.removeItem('user_role')
    } finally {
      setIsLoading(false)
    }
  }

  const refreshAuth = async () => {
    try {
      await initializeAuth()
    } catch (error) {
      console.error('Auth refresh failed:', error)
      throw error
    }
  }

  const value: AuthContextType = {
    user,
    isLoading,
    isAuthenticated: !!user,
    login,
    register,
    logout,
    refreshAuth,
  }

  return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>
}

// Hook to use auth context
export function useAuth() {
  const context = useContext(AuthContext)
  if (!context) {
    throw new Error('useAuth must be used within an AuthProvider')
  }
  return context
}

// Hook for facility owner specific functionality
export function useFacilityOwner() {
  const { user, isAuthenticated } = useAuth()

  const isFacilityOwner = isAuthenticated && user?.role === 'facility_owner'
  // Note: facilityOwner verification is now in FacilityOwnerProfile model
  const isVerifiedFacilityOwner = isFacilityOwner // Simplified for now

  return {
    isFacilityOwner,
    isVerifiedFacilityOwner,
    canManageFacilities: isVerifiedFacilityOwner,
  }
}