package handler

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/url"
	"path"
	"regexp"
	"strconv"
	"strings"
	"time"

	"github.com/gin-gonic/gin"

	"wx_service/config"
	oss "wx_service/internal/common/oss"
	uploadservice "wx_service/internal/common/upload/service"
	"wx_service/internal/middleware"
	"wx_service/internal/model"
)

type UploadHandler struct {
	uploadService *uploadservice.UploadService
}

func NewUploadHandler(uploadService *uploadservice.UploadService) *UploadHandler {
	return &UploadHandler{uploadService: uploadService}
}

type uploadTokenRequest struct {
	Filename string `json:"filename"`
}

type callbackPayload struct {
	Key      string `json:"key"`
	Hash     string `json:"hash"`
	Fsize    int64  `json:"fsize"`
	MimeType string `json:"mimeType"`
}

type uploadTokenResponse struct {
	Token        string `json:"token,omitempty"`
	Key          string `json:"key"`
	UploadURL    string `json:"upload_url"`
	ExpireAt     int64  `json:"expire,omitempty"`
	CDNDomain    string `json:"cdn_domain,omitempty"`
	OSSAccessKey string `json:"oss_access_key_id,omitempty"`
	OSSPolicy    string `json:"oss_policy,omitempty"`
	OSSSignature string `json:"oss_signature,omitempty"`
}

var extPattern = regexp.MustCompile(`^\.[a-z0-9]{1,10}$`)

// GetUploadToken 返回直传所需的凭证；CDN 为阿里云 OSS 时返回 OSS PostObject 凭证。
func (h *UploadHandler) GetUploadToken(c *gin.Context) {
	user := middleware.MustCurrentUser(c)

	var req uploadTokenRequest
	_ = c.ShouldBindJSON(&req)

	cfg := config.AppConfig.OSS
	cdnDomain := strings.TrimSpace(cfg.CDNDomain)

	if oss.IsOSSDomain(cdnDomain) && cfg.AccessKey != "" && cfg.SecretKey != "" && cfg.Bucket != "" {
		ext := path.Ext(req.Filename)
		if ext == "" || !extPattern.MatchString(strings.ToLower(ext)) {
			ext = ".jpg"
		}
		keyPrefix := strings.Trim(cfg.KeyPrefix, "/")
		key := fmt.Sprintf("%s/mp_%d/user_%d/%s/%x%s",
			keyPrefix, user.MiniProgramID, user.ID,
			time.Now().Format("20060102"), time.Now().UnixNano()&0xffffffff, ext)
		endpoint := oss.ParseOSSEndpoint(cdnDomain)
		expireSeconds := cfg.TokenExpireSeconds
		if expireSeconds <= 0 {
			expireSeconds = 300
		}
		policy, signature, err := oss.PostPolicy(cfg.Bucket, endpoint, key, cfg.SecretKey, expireSeconds)
		if err != nil {
			c.JSON(http.StatusInternalServerError, model.Error(http.StatusInternalServerError, "生成 OSS 凭证失败"))
			return
		}
		uploadURL := oss.UploadHost(cfg.Bucket, endpoint)
		cdnHost := "https://" + cfg.Bucket + "." + endpoint + ".aliyuncs.com"
		c.JSON(http.StatusOK, model.Success(uploadTokenResponse{
			Key:          key,
			UploadURL:    uploadURL,
			CDNDomain:    cdnHost,
			OSSAccessKey: cfg.AccessKey,
			OSSPolicy:    policy,
			OSSSignature: signature,
		}))
		return
	}

	token, err := h.uploadService.CreateUploadToken(user.MiniProgramID, user.ID, req.Filename)
	if err != nil {
		if errors.Is(err, uploadservice.ErrUploadNotConfigured) {
			c.JSON(http.StatusServiceUnavailable, model.Error(http.StatusServiceUnavailable, "未配置上传服务，请联系管理员"))
			return
		}
		c.JSON(http.StatusInternalServerError, model.Error(http.StatusInternalServerError, "获取上传凭证失败，请稍后重试"))
		return
	}
	c.JSON(http.StatusOK, model.Success(token))
}

// UploadCallback 处理上传回调（无需登录），通过签名验签确保来源可信。
func (h *UploadHandler) UploadCallback(c *gin.Context) {
	rawBody, err := io.ReadAll(c.Request.Body)
	if err != nil {
		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "读取回调内容失败"))
		return
	}

	if err := h.uploadService.VerifyCallbackSignature(c.Request, rawBody); err != nil {
		switch {
		case errors.Is(err, uploadservice.ErrUploadNotConfigured):
			c.JSON(http.StatusServiceUnavailable, model.Error(http.StatusServiceUnavailable, "上传服务未配置"))
		default:
			c.JSON(http.StatusUnauthorized, model.Error(http.StatusUnauthorized, "回调验签失败"))
		}
		return
	}

	payload, err := parseCallbackPayload(c.ContentType(), rawBody)
	if err != nil {
		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "回调内容格式错误"))
		return
	}
	if strings.TrimSpace(payload.Key) == "" {
		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "回调内容缺少 key"))
		return
	}

	log.Printf("[upload_callback] key=%s hash=%s fsize=%d mimeType=%s", payload.Key, payload.Hash, payload.Fsize, payload.MimeType)
	c.JSON(http.StatusOK, model.Success(gin.H{"ok": true}))
}

func parseCallbackPayload(contentType string, raw []byte) (callbackPayload, error) {
	var payload callbackPayload
	trimmed := strings.TrimSpace(strings.ToLower(contentType))
	if strings.Contains(trimmed, "application/json") {
		if err := json.Unmarshal(raw, &payload); err != nil {
			return callbackPayload{}, err
		}
		return payload, nil
	}

	values, err := url.ParseQuery(string(raw))
	if err != nil {
		return callbackPayload{}, err
	}
	payload.Key = strings.TrimSpace(values.Get("key"))
	payload.Hash = strings.TrimSpace(values.Get("hash"))
	payload.MimeType = strings.TrimSpace(values.Get("mimeType"))
	if rawFsize := strings.TrimSpace(values.Get("fsize")); rawFsize != "" {
		fsize, parseErr := strconv.ParseInt(rawFsize, 10, 64)
		if parseErr != nil {
			return callbackPayload{}, parseErr
		}
		payload.Fsize = fsize
	}
	return payload, nil
}