from fastapi import APIRouter, Depends, HTTPException
from core.database import fake_users_db
from fastapi.security import OAuth2PasswordRequestForm

router = APIRouter()

@router.post("/login")
async def login_handler(
    form_data: OAuth2PasswordRequestForm = Depends()
):
    """Authenticate user and return token"""
    user = fake_users_db.get(form_data.username)
    
    if not user or user["password"] != form_data.password:
        raise HTTPException(
            status_code=401,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )

    if user.get("disabled"):
        raise HTTPException(
            status_code=400,
            detail="Inactive user"
        )

    return {
        "message": "Login successful",
        "access_token": "dummy_jwt_token_" + form_data.username,
        "token_type": "bearer",
        "user": {
            "username": form_data.username,
            "email": user["email"]
        },
        "features": {
            "rate_limit": 100,
            "expires_in": 3600
        }
    }