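from datetime import datetime as dt, timezone as tz
from urllib.parse import urlsplit

from flask import request, redirect, url_for, flash, render_template, Blueprint, jsonify, session
from flask_security import login_user, logout_user

from ..models.user import User, Tenant
from .auth_forms import LoginForm

auth_bp = Blueprint('auth_bp', __name__, template_folder='templates')


def _is_safe_redirect_target(target):
    """Return True only if *target* is a same-site, path-only redirect target.

    The ``next`` query parameter is attacker-controllable, so anything that a
    browser could resolve to another origin is rejected: absolute URLs,
    scheme-relative ``//host`` forms, backslash variants, and values that
    contain whitespace or control characters.
    """
    if not target:
        return False
    # Control characters and whitespace can be dropped by URL parsers, which
    # changes what the remaining text means; refuse them outright.
    if any(ch <= ' ' or ch == '\x7f' for ch in target):
        return False
    # Treat backslashes as forward slashes so "/\host" is judged like "//host".
    normalized = target.replace('\\', '/')
    if not normalized.startswith('/') or normalized.startswith('//'):
        return False
    parts = urlsplit(normalized)
    return not parts.scheme and not parts.netloc


@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form and authenticate the user on a valid POST.

    On success the user is logged in, the tenant id and name are stored in
    the session, and the client is redirected to the validated ``next``
    target, or to ``/`` when ``next`` is missing or not a local path.
    On failure a flash message is set and the login page is rendered again.
    """
    form = LoginForm()
    if form.validate_on_submit():
        email = form.email.data
        password = form.password.data
        remember_me = bool(form.remember_me.data)

        user = User.query.filter_by(email=email).first()

        # Check that the user exists before touching any of its attributes:
        # an unknown email must take the same "invalid credentials" path as a
        # wrong password instead of raising on a None user.
        if user is not None and user.verify_and_update_password(password):
            # The tenant is looked up only after the credentials are verified.
            tenant = Tenant.query.filter_by(id=user.tenant_id).first()

            # An account without a tenant row cannot get a usable session, so
            # it is refused before login_user() rather than failing halfway.
            if user.is_active and tenant is not None:
                login_user(user, remember=remember_me)
                session['tenant_id'] = user.tenant_id
                session['tenant_name'] = tenant.name

                # Never redirect to an unvalidated, user-supplied URL.
                next_page = request.args.get('next')
                if not _is_safe_redirect_target(next_page):
                    next_page = '/'
                return redirect(next_page)

            flash('Account disabled. Please contact your administrator.', category='error')
        else:
            flash('Invalid email or password.', category='error')

    return render_template('login.html', form=form)


@auth_bp.route('/logout', methods=['POST'])
def logout():
    """Log the current user out, drop the tenant data and go to the site root."""
    logout_user()

    # Clear session data
    session.pop('tenant_id', None)
    session.pop('tenant_name', None)

    # url_for() takes an endpoint name, not a path, so url_for('/') would fail
    # to build a URL; redirect to the root path directly.
    return redirect('/')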