package api

import (
	"database/sql"
	"net/http"
	"os"
	"strings"
)

func NewRouter(metaDB *sql.DB, marketingDB *sql.DB, marketingAuthDB *sql.DB, resellerDB *sql.DB, ymtDB *sql.DB, grpcAddr string, marketingAPIDomain string) http.Handler {
	mux := http.NewServeMux()

	// 创建认证中间件
	authMiddleware := withAuth(marketingAPIDomain)

	// 需要认证的路由（所有 API 路由）
	mux.Handle("/api/templates", withAccess(withTrace(authMiddleware(TemplatesHandler(metaDB, marketingDB)))))
	mux.Handle("/api/templates/", withAccess(withTrace(authMiddleware(TemplatesHandler(metaDB, marketingDB)))))
	mux.Handle("/api/exports", withAccess(withTrace(authMiddleware(ExportsHandler(metaDB, marketingDB, ymtDB)))))

	// exports 路由处理（特殊处理下载接口）
	mux.HandleFunc("/api/exports/", func(w http.ResponseWriter, r *http.Request) {
		path := r.URL.Path
		if strings.HasSuffix(path, "/download") {
			// 下载接口，不需要认证
			handler := exportsDownloadHandler(metaDB, marketingDB, ymtDB)
			handler.ServeHTTP(w, r)
		} else {
			// 其他 exports 路由需要认证
			handler := withAccess(withTrace(authMiddleware(ExportsHandler(metaDB, marketingDB, ymtDB))))
			handler.ServeHTTP(w, r)
		}
	})

	mux.Handle("/api/metadata/fields", withAccess(withTrace(authMiddleware(MetadataHandler(metaDB, marketingDB, ymtDB)))))
	mux.Handle("/api/fields", withAccess(withTrace(authMiddleware(FieldsHandler(marketingDB, ymtDB)))))
	mux.Handle("/api/fields/", withAccess(withTrace(authMiddleware(FieldsHandler(marketingDB, ymtDB)))))
	mux.Handle("/api/creators", withAccess(withTrace(authMiddleware(CreatorsHandler(marketingAuthDB)))))
	mux.Handle("/api/creators/", withAccess(withTrace(authMiddleware(CreatorsHandler(marketingAuthDB)))))
	mux.Handle("/api/resellers", withAccess(withTrace(authMiddleware(ResellersHandler(resellerDB)))))
	mux.Handle("/api/resellers/", withAccess(withTrace(authMiddleware(ResellersHandler(resellerDB)))))
	mux.Handle("/api/plans", withAccess(withTrace(authMiddleware(PlansHandler(marketingDB)))))
	mux.Handle("/api/plans/", withAccess(withTrace(authMiddleware(PlansHandler(marketingDB)))))
	mux.Handle("/api/ymt/users", withAccess(withTrace(authMiddleware(YMTUsersHandler(grpcAddr)))))
	mux.Handle("/api/ymt/users/", withAccess(withTrace(authMiddleware(YMTUsersHandler(grpcAddr)))))
	mux.Handle("/api/ymt/merchants", withAccess(withTrace(authMiddleware(YMTMerchantsHandler(ymtDB)))))
	mux.Handle("/api/ymt/merchants/", withAccess(withTrace(authMiddleware(YMTMerchantsHandler(ymtDB)))))
	mux.Handle("/api/ymt/activities", withAccess(withTrace(authMiddleware(YMTActivitiesHandler(ymtDB)))))
	mux.Handle("/api/ymt/activities/", withAccess(withTrace(authMiddleware(YMTActivitiesHandler(ymtDB)))))

	// 工具类接口（不需要认证）
	mux.HandleFunc("/api/utils/decode_key", func(w http.ResponseWriter, r *http.Request) {
		v := r.URL.Query().Get("v")
		if v == "" {
			w.WriteHeader(http.StatusBadRequest)
			w.Write([]byte("missing v"))
			return
		}
		d := decodeOrderKey(v)
		w.Header().Set("Content-Type", "application/json")
		w.Write([]byte("{\"decoded\":\"" + d + "\"}"))
	})
	sd := staticDir()
	mux.Handle("/", http.FileServer(http.Dir(sd)))
	return mux
}

func staticDir() string {
	if _, err := os.Stat("web/index.html"); err == nil {
		return "web"
	}
	if _, err := os.Stat("../web/index.html"); err == nil {
		return "../web"
	}
	return "web"
}