from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import login_required, current_user
from extensions import db, environment, htmx
from jinja2_fragments import render_block
import secrets
import json

settings = Blueprint('settings', __name__)

@settings.route("/api-keys", methods=["GET"])
@login_required
def api_keys():
    user_id = current_user.id
    api_keys = db.list_api_keys(user_id)
    
    # Parse scopes for display
    for key in api_keys:
        if isinstance(key['scopes'], str):
            key['scopes'] = json.loads(key['scopes'])
            
    # Fetch user's functions for scoping
    functions = db.get_http_functions_for_user(user_id)

    if htmx:
        return render_block(
            environment, 
            "dashboard/settings/api_keys.html", 
            "page", 
            api_keys=api_keys,
            functions=functions
        )
    return render_template("dashboard/settings/api_keys.html", api_keys=api_keys, functions=functions)

@settings.route("/api-keys", methods=["POST"])
@login_required
def create_api_key():
    user_id = current_user.id
    name = request.form.get("name", "My API Key")
    scopes_list = request.form.getlist("scopes")
    
    if not scopes_list:
        scopes = ["*"]
    else:
        scopes = scopes_list

    # Generate a secure random key
    key = f"sk_{secrets.token_urlsafe(24)}"
    
    db.create_api_key(user_id, name, key, scopes)
    
    flash(f"API Key created: {key} - Save it now, you won't see it again!", "success")
    return redirect(url_for("settings.api_keys"))

@settings.route("/api-keys/<int:key_id>", methods=["DELETE"])
@login_required
def delete_api_key(key_id):
    user_id = current_user.id
    db.delete_api_key(user_id, key_id)
    return "", 200