from fastapi import Depends, HTTPException, Header, Cookie
from typing import Optional
from sqlalchemy.orm import Session
from app.models.database import get_db
from app.models.user import UserDB, UserRole
from app.core.security import verify_token

async def get_current_user(
    authorization: Optional[str] = Header(None),
    access_token: Optional[str] = Cookie(None),
    db: Session = Depends(get_db)
) -> UserDB:
    
    print(f"authorization: {authorization}")
    print(f"access_token: {access_token}")
    
    # 优先使用Header中的token，其次使用Cookie中的token
    token = None
    if authorization and authorization.startswith("Bearer "):
        token = authorization.split(" ")[1]
    elif access_token:
        token = access_token
        
    if not token:
        raise HTTPException(status_code=401, detail="未提供有效的认证信息")
    
    print(f"token: {token}")

    sub, phone = verify_token(token)
    if not sub:
        raise HTTPException(status_code=401, detail="Token已过期或无效")
    
    user = db.query(UserDB).filter(UserDB.phone == phone).first()
    if not user:
        raise HTTPException(status_code=401, detail="用户未登录")
    return user

async def get_admin_user(
    current_user: UserDB = Depends(get_current_user)
) -> UserDB:
    if UserRole.ADMIN not in current_user.roles:
        raise HTTPException(status_code=403, detail="需要管理员权限")
    return current_user

async def get_deliveryman_user(
    current_user: UserDB = Depends(get_current_user)
) -> UserDB:
    """验证配送员权限"""
    if UserRole.DELIVERYMAN not in current_user.roles:
        raise HTTPException(status_code=403, detail="需要配送员权限")
    return current_user 

async def get_merchant_user(
    current_user: UserDB = Depends(get_current_user)
) -> UserDB:
    """验证商家权限"""
    if UserRole.MERCHANT not in current_user.roles:
        raise HTTPException(status_code=403, detail="需要商家权限")
    return current_user