"""Authentication API endpoints."""

from fastapi import APIRouter, Depends, status

from app.api.deps import CurrentUser, get_current_user
from app.schemas.auth import (
    LoginRequest,
    LogoutRequest,
    RefreshRequest,
    RegisterRequest,
    SwitchOrgRequest,
    TokenResponse,
)
from app.services import AuthService


router = APIRouter(prefix="/auth", tags=["auth"])
auth_service = AuthService()


@router.post("/register", response_model=TokenResponse, status_code=status.HTTP_201_CREATED)
async def register_user(payload: RegisterRequest) -> TokenResponse:
    """Register a new user and default org, returning auth tokens."""

    return await auth_service.register_user(payload)


@router.post("/login", response_model=TokenResponse)
async def login_user(payload: LoginRequest) -> TokenResponse:
    """Authenticate an existing user and issue tokens."""

    return await auth_service.login_user(payload)


@router.post("/refresh", response_model=TokenResponse)
async def refresh_tokens(payload: RefreshRequest) -> TokenResponse:
    """Rotate refresh token and mint a new access token."""

    return await auth_service.refresh_tokens(payload)


@router.post("/switch-org", response_model=TokenResponse)
async def switch_org(
    payload: SwitchOrgRequest,
    current_user: CurrentUser = Depends(get_current_user),
) -> TokenResponse:
    """Switch the active organization for the authenticated user."""

    return await auth_service.switch_org(current_user, payload)


@router.post("/logout", status_code=status.HTTP_204_NO_CONTENT)
async def logout(
    payload: LogoutRequest,
    current_user: CurrentUser = Depends(get_current_user),
) -> None:
    """Revoke the provided refresh token for the current session."""

    await auth_service.logout(current_user, payload)