WellNuo/contexts/AuthContext.tsx

import { api } from '@/services/api';
import type { ApiError, User } from '@/types';
import React, { createContext, useCallback, useContext, useEffect, useState, type ReactNode } from 'react';

// Test account for development - uses legacy anandk credentials
const DEV_EMAIL = 'serter2069@gmail.com';

interface AuthState {
  user: User | null;
  isLoading: boolean;
  isInitializing: boolean;
  isAuthenticated: boolean;
  error: ApiError | null;
}

// ...

const AuthContext = createContext<AuthContextType | null>(null);

export function AuthProvider({ children }: { children: ReactNode }) {
  const [state, setState] = useState<AuthState>({
    user: null,
    isLoading: false,
    isInitializing: true,
    isAuthenticated: false,
    error: null,
  });

  // Check authentication on mount
  useEffect(() => {
    console.log('[AuthContext] checkAuth starting...');
    checkAuth();
  }, []);

  // DISABLED: Session expiration check was causing unwanted logouts
  // The legacy API doesn't properly handle session tokens
  // useEffect(() => {
  //   setOnUnauthorizedCallback(() => {
  //     api.logout().then(() => {
  //       setState({
  //         user: null,
  //         isLoading: false,
  //         isAuthenticated: false,
  //         error: { message: 'Session expired. Please login again.' },
  //       });
  //     });
  //   });
  // }, []);

  const checkAuth = async () => {
    try {
      console.log(`[AuthContext] checkAuth: Checking token...`);
      const isAuth = await api.isAuthenticated();
      console.log(`[AuthContext] checkAuth: isAuth=${isAuth}`);

      if (isAuth) {
        console.log(`[AuthContext] checkAuth: Getting stored user...`);
        const user = await api.getStoredUser();
        console.log(`[AuthContext] checkAuth: User found=${!!user}`);

        setState({
          user,
          isLoading: false,
          isInitializing: false,
          isAuthenticated: !!user,
          error: null,
        });
      } else {
        console.log(`[AuthContext] checkAuth: No token, setting unauth`);
        setState({
          user: null,
          isLoading: false,
          isInitializing: false,
          isAuthenticated: false,
          error: null,
        });
      }
    } catch (error) {
      console.error(`[AuthContext] checkAuth Error:`, error);
      setState({
        user: null,
        isLoading: false,
        isInitializing: false,
        isAuthenticated: false,
        error: { message: 'Failed to check authentication' },
      });
    } finally {
      console.log(`[AuthContext] checkAuth: Finished`);
    }
  };

  const checkEmail = useCallback(async (email: string): Promise<CheckEmailResult> => {
    setState((prev) => ({ ...prev, isLoading: true, error: null }));

    try {
      // Dev email bypass - treat as existing user with full access
      if (email.toLowerCase() === DEV_EMAIL.toLowerCase()) {
        setState((prev) => ({ ...prev, isLoading: false }));
        return { exists: true, name: 'Developer', skipOtp: true };
      }

      // Check email via API
      const response = await api.checkEmail(email);

      if (response.ok && response.data) {
        setState((prev) => ({ ...prev, isLoading: false }));
        return { exists: response.data.exists, name: response.data.name };
      }

      // API failed - assume new user
      setState((prev) => ({ ...prev, isLoading: false }));
      return { exists: false };
    } catch (error) {
      setState((prev) => ({
        ...prev,
        isLoading: false,
        error: { message: 'Network error. Please check your connection.' },
      }));
      return { exists: false };
    }
  }, []);

  const requestOtp = useCallback(async (email: string): Promise<OtpResult> => {
    setState((prev) => ({ ...prev, isLoading: true, error: null }));

    try {
      // Check if dev email - skip OTP
      if (email.toLowerCase() === DEV_EMAIL.toLowerCase()) {
        setState((prev) => ({ ...prev, isLoading: false }));
        return { success: true, skipOtp: true };
      }

      // Send OTP via Brevo API
      const response = await api.requestOTP(email);

      if (response.ok) {
        setState((prev) => ({ ...prev, isLoading: false }));
        return { success: true, skipOtp: false };
      }

      // API failed
      setState((prev) => ({
        ...prev,
        isLoading: false,
        error: { message: 'Failed to send verification code. Please try again.' },
      }));
      return { success: false, skipOtp: false };
    } catch (error) {
      setState((prev) => ({
        ...prev,
        isLoading: false,
        error: { message: 'Network error. Please check your connection.' },
      }));
      return { success: false, skipOtp: false };
    }
  }, []);

  const verifyOtp = useCallback(async (email: string, code: string): Promise<boolean> => {
    setState((prev) => ({ ...prev, isLoading: true, error: null }));

    try {
      // Dev account bypass - use legacy credentials
      if (email.toLowerCase() === DEV_EMAIL.toLowerCase()) {
        // Login with legacy API using anandk credentials
        const response = await api.login('anandk', 'anandk_8');

        if (response.ok && response.data) {
          const user: User = {
            user_id: response.data.user_id,
            user_name: 'anandk',
            email: email,
            max_role: response.data.max_role,
            privileges: response.data.privileges,
          };

          // Save email to storage
          await api.saveEmail(email);

          setState({
            user,
            isLoading: false,
            isAuthenticated: true,
            error: null,
          });

          return true;
        }

        setState((prev) => ({
          ...prev,
          isLoading: false,
          error: { message: 'Login failed' },
        }));
        return false;
      }

      // Verify OTP via API
      const verifyResponse = await api.verifyOTP(email, code);

      if (verifyResponse.ok && verifyResponse.data) {
        const user: User = {
          user_id: verifyResponse.data.user.id,
          user_name: verifyResponse.data.user.first_name || email.split('@')[0],
          email: email,
          max_role: 'USER',
          privileges: '',
        };

        setState({
          user,
          isLoading: false,
          isAuthenticated: true,
          error: null,
        });

        return true;
      }

      // Wrong OTP code
      setState((prev) => ({
        ...prev,
        isLoading: false,
        error: { message: 'Invalid verification code. Please try again.' },
      }));
      return false;
    } catch (error) {
      setState((prev) => ({
        ...prev,
        isLoading: false,
        error: { message: error instanceof Error ? error.message : 'Verification failed' },
      }));
      return false;
    }
  }, []);

  const logout = useCallback(async () => {
    setState((prev) => ({ ...prev, isLoading: true }));

    try {
      await api.logout();
    } finally {
      setState({
        user: null,
        isLoading: false,
        isAuthenticated: false,
        error: null,
      });
    }
  }, []);

  const clearError = useCallback(() => {
    setState((prev) => ({ ...prev, error: null }));
  }, []);

  return (
    <AuthContext.Provider value={{ ...state, checkEmail, requestOtp, verifyOtp, logout, clearError }}>
      {children}
    </AuthContext.Provider>
  );
}

export function useAuth() {
  const context = useContext(AuthContext);
  if (!context) {
    throw new Error('useAuth must be used within an AuthProvider');
  }
  return context;
}