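"""Session-based authentication endpoints mounted under /api/auth."""
from flask import Blueprint, jsonify, request, session

from ..admin import verify_credentials, get_admin

bp = Blueprint("auth", __name__, url_prefix="/api/auth")


@bp.post("/login")
def login():
    """Check a username/password pair and mark the session as logged in.

    Expects a JSON object with string fields ``username`` and ``password``.

    Returns:
        200 with ``{"username": ...}`` on success,
        400 when either field is missing, empty, or not a string,
        401 when ``verify_credentials`` rejects the pair.
    """
    # force=True parses the body as JSON whatever the Content-Type is, and
    # silent=True yields None instead of an error on malformed input.
    # NOTE(review): because of force=True a cross-site form post sent as
    # text/plain is parsed as well; confirm the session cookie's SameSite
    # setting or require application/json if login CSRF is a concern.
    payload = request.get_json(force=True, silent=True)

    # The body is untrusted: a JSON array, string or number has no .get(),
    # so anything that is not an object is treated as an empty request.
    data = payload if isinstance(payload, dict) else {}

    username = data.get("username")
    password = data.get("password")

    # Reject non-string values here rather than failing on .strip() or
    # handing an unexpected type to verify_credentials.
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({"error": "用户名和密码必填"}), 400

    username = username.strip()
    if not username or not password:
        return jsonify({"error": "用户名和密码必填"}), 400

    # The same message covers an unknown user and a wrong password, so the
    # response does not reveal which usernames exist.
    # NOTE(review): no attempt limiting is visible in this handler; confirm
    # that verify_credentials or a layer in front of it throttles guessing.
    if not verify_credentials(username, password):
        return jsonify({"error": "用户名或密码错误"}), 401

    # NOTE(review): keys already in the session before login are kept. If
    # sessions are stored server-side, or other code keeps per-user state in
    # the session, consider clearing it before this assignment.
    session["user"] = username
    return jsonify({"username": username})


@bp.post("/logout")
def logout():
    """Drop every key from the current session and report success."""
    session.clear()
    return jsonify({"ok": True})


@bp.get("/me")
def me():
    """Describe the logged-in user, or return 401 when nobody is logged in.

    The role is always reported as ``"admin"``; ``has_admin`` is true when
    ``get_admin()`` returns a truthy value.
    """
    user = session.get("user")
    if not user:
        return jsonify({"error": "未登录"}), 401

    # NOTE(review): the session username is not compared with the record
    # from get_admin(); presumably there is a single admin account. Confirm
    # that a renamed or removed admin cannot keep using an old session.
    admin = get_admin() or {}
    return jsonify({"username": user, "role": "admin", "has_admin": bool(admin)})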