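import { Request, Response } from 'express';
import db from '../../database/models';
import jwt from 'jsonwebtoken';

// Mock secret for now, should be in env.
// SECURITY: the 'dev-secret' fallback is a fixed, source-visible value. Nothing in
// this file signs with it yet, but any token signed with it while JWT_SECRET is
// unset could be forged by anyone who has read this source. Fail startup instead
// of falling back before this constant is used for signing.
const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret';

/**
 * OTP-based login for prospective dealers, keyed on the phone number stored on
 * their application.
 *
 * SECURITY: both handlers are still mock implementations. The OTP is the fixed
 * value '123456', it is echoed back in the `sendOtp` response, and the issued
 * token is a constant prefix plus the application id. None of these prove
 * possession of the phone, so this flow must not be exposed outside development
 * until a random, expiring, rate-limited OTP and a signed token replace them.
 */
export class ProspectiveLoginController {
  /**
   * Returns true when either shortlisting flag on the application is set.
   * Shared by both handlers so the login gate cannot drift between them.
   */
  private static isShortlisted(application: {
    isShortlisted?: unknown;
    ddLeadShortlisted?: unknown;
  }): boolean {
    return Boolean(application.isShortlisted || application.ddLeadShortlisted);
  }

  /**
   * Handles an OTP request for a phone number.
   *
   * Responds 400 when `phone` is missing or not a string, 404 when no
   * application has that phone, 403 when the application is not shortlisted,
   * 200 with the mock OTP otherwise, and 500 on an unexpected error.
   */
  static async sendOtp(req: Request, res: Response) {
    try {
      const { phone } = req.body;

      // `phone` goes straight into the ORM `where` clause, so reject anything
      // that is not a plain non-empty string (a JSON body can carry objects or arrays).
      if (typeof phone !== 'string' || !phone) {
        return res.status(400).json({ message: 'Phone number is required' });
      }

      // NOTE(review): the log lines below write the caller-supplied phone number
      // (personal data) verbatim; consider masking it before production use.
      console.log(`[ProspectiveLogin] Received OTP request for phone: '${phone}'`);

      // Check if application exists and is shortlisted
      const application = await db.Application.findOne({ where: { phone: phone } });
      console.log(
        `[ProspectiveLogin] DB Search Result:`,
        application
          ? `Found AppId: ${application.id}, Shortlisted: ${application.isShortlisted}, DDLeadShortlisted: ${application.ddLeadShortlisted}`
          : 'Not Found'
      );

      // NOTE(review): the distinct 404 / 403 / 200 answers let an unauthenticated
      // caller learn whether a phone number has an application and its review state.
      if (!application) {
        console.log(`[ProspectiveLogin] Application not found for ${phone}, returning 404`);
        return res.status(404).json({ message: 'No application found with this phone number' });
      }

      if (!ProspectiveLoginController.isShortlisted(application)) {
        console.log(`[ProspectiveLogin] Application found but not shortlisted`);
        return res.status(403).json({
          message: 'Your application is under review. You can login only after shortlisting.'
        });
      }

      // Mock logic: In a real app, we would generate a random OTP and send it via SMS
      console.log(`[Mock] OTP request for ${phone}`);

      // SECURITY: `mockOtp` hands the code to whoever made the request. It must be
      // removed from the response once a real delivery channel exists.
      return res.status(200).json({
        message: 'OTP sent successfully',
        data: { phone, mockOtp: '123456' }
      });
    } catch (error) {
      console.error('Send OTP error:', error);
      return res.status(500).json({ message: 'Internal server error' });
    }
  }

  /**
   * Verifies the OTP for a phone number and returns a session token plus the
   * applicant's profile.
   *
   * Responds 400 when `phone`/`otp` are missing, `phone` is not a string, or the
   * OTP does not match; 404 when no application has that phone; 403 when the
   * application is not shortlisted; 200 with token and user on success; and 500
   * on an unexpected error.
   */
  static async verifyOtp(req: Request, res: Response) {
    try {
      const { phone, otp } = req.body;

      // Same input rule as sendOtp: only a plain string may reach the ORM query.
      if (typeof phone !== 'string' || !phone || !otp) {
        return res.status(400).json({ message: 'Phone and OTP are required' });
      }

      // SECURITY: fixed mock OTP; strict equality means only the exact string matches.
      if (otp !== '123456') {
        return res.status(400).json({ message: 'Invalid OTP' });
      }

      // Fetch application again to get details
      const application = await db.Application.findOne({ where: { phone: phone } });

      if (!application) {
        return res.status(404).json({ message: 'Application not found' });
      }

      // Enforce the shortlisting gate here as well. Previously it lived only in
      // sendOtp, so calling this endpoint directly skipped it and a not-yet-
      // shortlisted applicant received a token.
      if (!ProspectiveLoginController.isShortlisted(application)) {
        return res.status(403).json({
          message: 'Your application is under review. You can login only after shortlisting.'
        });
      }

      // Generate a real token or a mock one that Auth middleware accepts
      // Using the specific mock token format for now to bypass standard Auth middleware db check
      // if it's strict, or we can issue a real JWT if `strategies` allow it.
      // Reverting to the mock token format we established:
      // SECURITY: this token is a constant prefix plus the application id, so it is
      // derivable rather than secret. Presumably the auth middleware accepts it
      // as-is (not visible in this file); replace with a signed, expiring token.
      const token = 'mock-prospective-token-' + application.id;

      return res.status(200).json({
        message: 'OTP verified successfully',
        data: {
          token: token,
          user: {
            id: application.id, // Use application ID as user ID for prospective
            name: application.applicantName,
            email: application.email,
            phone: application.phone,
            role: 'Prospective Dealer',
            applicationId: application.applicationId
          }
        }
      });
    } catch (error) {
      console.error('Verify OTP error:', error);
      return res.status(500).json({ message: 'Internal server error' });
    }
  }
}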