// Root: inizializza config, Supabase e API backend

const BootScreen = ({ message = 'Caricamento...' }) => (
  <div style={{ minHeight:'100vh', display:'flex', alignItems:'center', justifyContent:'center', padding: 40 }}>
    <div style={{ textAlign:'center' }}>
      <Logo size={40} />
      <div className="mono" style={{ marginTop: 24, fontSize: 12, letterSpacing:'0.16em', textTransform:'uppercase', color:'#5a554c' }}>
        {message}
      </div>
    </div>
  </div>
);

const App = ({ supabaseClient }) => {
  const [user, setUser] = React.useState(null);
  const [loading, setLoading] = React.useState(true);
  const [authMessage, setAuthMessage] = React.useState('');
  const [recoveryMode, setRecoveryMode] = React.useState(() => {
    return new URLSearchParams(window.location.search).get('recovery') === '1';
  });

  const handleSessionExpired = React.useCallback(async (message = window.TTAuth.SESSION_EXPIRED_MESSAGE) => {
    setUser(null);
    setRecoveryMode(false);
    setAuthMessage(message);
    replaceAppUrl(window.TT_CONFIG?.logoutRedirectUrl || `${window.location.origin}/app`);
    await window.TTAuth.signOutLocal(supabaseClient);
  }, [supabaseClient]);

  const api = React.useMemo(() => {
    return createApiClient('', supabaseClient, handleSessionExpired);
  }, [supabaseClient, handleSessionExpired]);

  React.useEffect(() => {
    let active = true;

    window.TTAuth.getTrustedSessionUser(supabaseClient).then(async result => {
      if (!active) return;
      setUser(result.user);
      setAuthMessage(result.expired ? result.message : '');
      if (result.expired) {
        await window.TTAuth.signOutLocal(supabaseClient);
        replaceAppUrl(window.TT_CONFIG?.logoutRedirectUrl || `${window.location.origin}/app`);
      }
      setLoading(false);
    }).catch(async () => {
      if (!active) return;
      setUser(null);
      setAuthMessage(window.TTAuth.SESSION_EXPIRED_MESSAGE);
      await window.TTAuth.signOutLocal(supabaseClient);
      replaceAppUrl(window.TT_CONFIG?.logoutRedirectUrl || `${window.location.origin}/app`);
      setLoading(false);
    });

    const { data: listener } = supabaseClient.auth.onAuthStateChange((event, session) => {
      setUser(session?.user || null);
      if (session?.user) setAuthMessage('');
      if (event === 'PASSWORD_RECOVERY') setRecoveryMode(true);
      if (event === 'SIGNED_OUT') setRecoveryMode(false);
    });

    return () => {
      active = false;
      listener.subscription.unsubscribe();
    };
  }, [supabaseClient]);

  if (loading) return <BootScreen />;
  if (!user) {
    return (
      <AuthScreen
        supabaseClient={supabaseClient}
        initialMessage={authMessage}
        onAuth={(nextUser) => {
          setAuthMessage('');
          setUser(nextUser);
        }}
      />
    );
  }

  return (
    <Dashboard
      user={normalizeUser(user)}
      api={api}
      supabaseClient={supabaseClient}
      recoveryMode={recoveryMode}
      onRecoveryHandled={() => setRecoveryMode(false)}
      onLogout={async () => {
        setUser(null);
        setRecoveryMode(false);
        setAuthMessage('');
        replaceAppUrl(window.TT_CONFIG?.logoutRedirectUrl || `${window.location.origin}/app`);
        await window.TTAuth.signOutLocal(supabaseClient);
      }}
    />
  );
};

function replaceAppUrl(targetUrl) {
  try {
    const target = new URL(targetUrl, window.location.origin);
    const nextPath = target.origin === window.location.origin
      ? `${target.pathname}${target.search}${target.hash}`
      : '/app';
    window.history.replaceState({}, '', nextPath);
  } catch (_error) {
    window.history.replaceState({}, '', '/app');
  }
}

function normalizeUser(user) {
  const metadata = user.user_metadata || {};
  const identityData = identityMetadata(user);

  return {
    id: user.id,
    email: user.email,
    name: firstNonEmpty(
      metadata.name,
      metadata.full_name,
      identityData.name,
      identityData.full_name,
      user.email?.split('@')[0],
      'Utente'
    ),
    avatarUrl: firstNonEmpty(
      metadata.avatar_url,
      metadata.picture,
      identityData.avatar_url,
      identityData.picture
    ),
  };
}

function identityMetadata(user) {
  return (user.identities || [])
    .map(identity => identity.identity_data || {})
    .find(data => data.avatar_url || data.picture || data.name || data.full_name) || {};
}

function firstNonEmpty(...values) {
  return values.find(value => typeof value === 'string' && value.trim()) || '';
}

function createApiClient(baseUrl, supabaseClient, onSessionExpired) {
  async function authHeaders() {
    const { data } = await supabaseClient.auth.getSession();
    const token = data.session?.access_token;
    if (!token) {
      await onSessionExpired?.(window.TTAuth.SESSION_EXPIRED_MESSAGE);
      throw new Error(window.TTAuth.SESSION_EXPIRED_MESSAGE);
    }
    return { Authorization: `Bearer ${token}` };
  }

  async function request(path, options = {}) {
    const headers = await authHeaders();
    const response = await fetch(`${baseUrl}${path}`, {
      ...options,
      headers: {
        ...headers,
        ...(options.headers || {}),
      },
    });

    const payload = await response.json().catch(() => ({}));
    if (!response.ok) {
      if (window.TTAuth.isUnauthorizedResponse(response.status)) {
        await onSessionExpired?.(payload.error || window.TTAuth.SESSION_EXPIRED_MESSAGE);
      }
      throw new Error(payload.error || 'Richiesta non riuscita.');
    }
    return payload;
  }

  return {
    getMe: () => request('/api/me'),
    listTranscriptions: () => request('/api/transcriptions'),
    getTranscription: (id) => request(`/api/transcriptions/${id}`),
    getAdminDashboard: () => request('/api/admin/dashboard'),
    updateAdminCredits: (userId, creditsRemaining) => request(`/api/admin/users/${userId}/credits`, {
      method: 'PATCH',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ creditsRemaining }),
    }),
    getAdminModels: () => request('/api/admin/models'),
    updateAdminModels: (models) => request('/api/admin/models', {
      method: 'PATCH',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ models }),
    }),
    verifyAdminModels: (models) => request('/api/admin/models/verify', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ models }),
    }),
    createCreditCheckout: (packId) => request('/api/billing/checkout', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ packId }),
    }),
    confirmCreditCheckout: (sessionId) => request('/api/billing/checkout/confirm', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ sessionId }),
    }),
    createTranscription: ({ file, title, lang, mode }) => {
      const form = new FormData();
      form.append('audio', file.raw);
      form.append('title', title || '');
      form.append('language', lang || 'auto');
      form.append('mode', mode || 'quality');
      return request('/api/transcriptions', {
        method: 'POST',
        body: form,
      });
    },
  };
}

async function boot() {
  try {
    const config = await fetch('/api/config').then(r => r.json());
    window.TT_CONFIG = config;

    const supabaseClient = window.supabase.createClient(config.supabaseUrl, config.supabaseAnonKey);
    ReactDOM.createRoot(document.getElementById('root')).render(
      <App supabaseClient={supabaseClient} />
    );
  } catch (error) {
    ReactDOM.createRoot(document.getElementById('root')).render(
      <BootScreen message={error.message || 'Configurazione mancante'} />
    );
  }
}

boot();