package main

import (
	"context"
	"log"
	"time"

	"github.com/gofiber/fiber/v3"
	"github.com/gofiber/fiber/v3/middleware/adaptor"

	appu "knowfoolery/backend/services/user-service/internal/application/user"
	uconfig "knowfoolery/backend/services/user-service/internal/infra/config"
	uent "knowfoolery/backend/services/user-service/internal/infra/persistence/ent"
	httpapi "knowfoolery/backend/services/user-service/internal/interfaces/http"
	"knowfoolery/backend/shared/infra/auth/zitadel"
	sharedpostgres "knowfoolery/backend/shared/infra/database/postgres"
	"knowfoolery/backend/shared/infra/observability/logging"
	sharedmetrics "knowfoolery/backend/shared/infra/observability/metrics"
	"knowfoolery/backend/shared/infra/observability/tracing"
	"knowfoolery/backend/shared/infra/utils/serviceboot"
	"knowfoolery/backend/shared/infra/utils/validation"
)

func main() {
	cfg := uconfig.FromEnv()

	logger := logging.NewLogger(cfg.Logging)
	metrics := sharedmetrics.NewMetrics(cfg.Metrics)

	tracer, err := tracing.NewTracer(cfg.Tracing)
	if err != nil {
		logger.Fatal("failed to initialize tracer")
	}
	defer func() {
		_ = tracer.Shutdown(context.Background())
	}()

	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()

	persistence, err := sharedpostgres.NewClient(ctx, cfg.Postgres)
	if err != nil {
		logger.WithError(err).Fatal("failed to initialize postgres client")
	}
	defer persistence.Close()

	repo := uent.NewUserRepository(persistence)
	if err := repo.EnsureSchema(ctx); err != nil {
		logger.WithError(err).Fatal("failed to ensure schema")
	}

	service := appu.NewService(repo)
	handler := httpapi.NewHandler(
		service,
		validation.NewValidator(),
		logger,
		metrics,
		cfg.AdminListDefaultLimit,
		cfg.AdminListMaxLimit,
	)

	bootCfg := serviceboot.Config{
		AppName:     cfg.AppName,
		ServiceSlug: "user",
		PortEnv:     "USER_SERVICE_PORT",
		DefaultPort: cfg.Port,
	}
	app := serviceboot.NewFiberApp(bootCfg)
	serviceboot.RegisterHealth(app, bootCfg.ServiceSlug)
	serviceboot.RegisterReadiness(
		app,
		2*time.Second,
		serviceboot.ReadyCheck{
			Name:     "postgres",
			Required: true,
			Probe:    persistence.Pool.Ping,
		},
	)
	app.Get("/metrics", adaptor.HTTPHandler(sharedmetrics.Handler()))

	authMiddleware, adminMiddleware := buildAuthMiddleware(cfg)
	httpapi.RegisterRoutes(app, handler, authMiddleware, adminMiddleware)

	addr := serviceboot.ListenAddress(bootCfg.PortEnv, bootCfg.DefaultPort)
	log.Fatal(serviceboot.Run(app, addr))
}

func buildAuthMiddleware(cfg uconfig.Config) (fiber.Handler, fiber.Handler) {
	auth := zitadel.BuildJWTMiddleware(zitadel.MiddlewareFactoryConfig{
		BaseURL:      cfg.ZitadelBaseURL,
		ClientID:     cfg.ZitadelClientID,
		ClientSecret: cfg.ZitadelSecret,
		Issuer:       cfg.ZitadelIssuer,
		Audience:     cfg.ZitadelAudience,
		RequiredClaims: []string{
			"sub",
			"email",
		},
		AdminEndpoints: []string{"/admin"},
		Timeout:        10 * time.Second,
	})
	return auth, nil
}