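import hmac
from datetime import timedelta

from fastapi import APIRouter, Depends, HTTPException
from fastapi.responses import JSONResponse

from core.auth import authenticate_user, create_access_token, create_refresh_token
from core.database import fake_users_db

router = APIRouter()

# Cookie lifetimes in seconds (same values the handler has always used).
ACCESS_COOKIE_TTL = 1800
REFRESH_COOKIE_TTL = 604800


def _password_matches(stored, supplied: str) -> bool:
    """Compare the stored and supplied passwords in constant time.

    A non-string stored value can never equal the supplied string, so it is
    rejected outright. Both sides are encoded to bytes because
    ``hmac.compare_digest`` refuses non-ASCII ``str`` arguments.
    """
    if not isinstance(stored, str):
        return False
    return hmac.compare_digest(stored.encode("utf-8"), supplied.encode("utf-8"))


@router.post("/login")
async def login_handler(
    username: str,
    password: str,
    response: JSONResponse
):
    """Demo login endpoint.

    Looks up ``username`` in ``fake_users_db``, checks the password, and on
    success sets three HttpOnly cookies: ``access_token``, ``refresh_token``
    and ``session_id``.

    Raises:
        HTTPException: status 400 with "Invalid credentials" when the user
            is unknown or the password does not match.

    Returns:
        ``{"message": "Login successful"}``.
    """
    # NOTE(security): `username` and `password` are plain `str` parameters,
    # which FastAPI reads from the query string, so credentials end up in
    # URLs and access logs. Moving them to a form or JSON body changes the
    # request contract and must be coordinated with callers.
    user = fake_users_db.get(username)

    # NOTE(security): the stored password is compared as plaintext, which
    # means the store keeps unhashed passwords. Acceptable only for a demo;
    # a real store should hold a salted password hash and verify against it.
    # Run the comparison even for unknown users so the response time does not
    # reveal whether the username exists.
    stored_password = user["password"] if user else ""
    password_ok = _password_matches(stored_password, password)
    if not user or not password_ok:
        raise HTTPException(status_code=400, detail="Invalid credentials")

    access_token = create_access_token(user["id"])
    refresh_token = create_refresh_token(user["id"])

    # NOTE(security): none of these cookies set `secure=True`, so a browser
    # will also send them over plain HTTP. Enable it wherever the service is
    # served over HTTPS. `samesite="lax"` is Starlette's default, spelled out
    # here so the cross-site behaviour is visible at the call site.
    response.set_cookie(
        key="access_token",
        value=access_token,
        httponly=True,
        samesite="lax",
        max_age=ACCESS_COOKIE_TTL,
        expires=ACCESS_COOKIE_TTL
    )
    response.set_cookie(
        key="refresh_token",
        value=refresh_token,
        httponly=True,
        samesite="lax",
        max_age=REFRESH_COOKIE_TTL,
        expires=REFRESH_COOKIE_TTL
    )
    # NOTE(review): `session_id` carries the raw user id rather than a random
    # server-side session identifier. If any handler treats this cookie as
    # proof of identity, a client can set it to another user's id. Confirm
    # how it is consumed, and prefer an unguessable value.
    response.set_cookie(
        key="session_id",
        value=user["id"],
        httponly=True,
        samesite="lax",
        max_age=REFRESH_COOKIE_TTL,
        expires=REFRESH_COOKIE_TTL
    )

    return {"message": "Login successful"}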