// Package api — session-host endpoints for web-tui (T019).
//
// Provides two endpoints under /api/v1:
//
//   POST /api/v1/pods/session-host
//     Idempotent create-or-get of the authenticated user's durable
//     session-host pod. Also ensures per-user Certificate, Ingress,
//     PVCs, and namespace exist. Safe to call on every page load.
//
//   GET  /api/v1/pods/session-host/{user}/status
//     Reports readiness of the user's session-host pod and the cert.
//
// Both sit under the existing AuthMiddleware (API-key Bearer auth).
// The {user} path parameter is validated against the authenticated
// user's ID — cross-tenant access is refused with 403.
package api

import (
	"context"
	"net/http"
	"time"

	"github.com/go-chi/chi/v5"
)

// SessionHostStatus is the canonical response for both endpoints. Mirrors
// specs/001-mobile-tui/contracts/dev-pod-api-extension.openapi.yaml in
// ~/Work/web-tui.
type SessionHostStatus struct {
	Ready             bool      `json:"ready"`
	PodName           string    `json:"podName"`
	Namespace         string    `json:"namespace,omitempty"`
	CertReady         bool      `json:"certReady"`
	CertPendingReason string    `json:"certPendingReason,omitempty"`
	AtchSessionCount  int       `json:"atchSessionCount,omitempty"`
	CreatedAt         time.Time `json:"createdAt,omitempty"`
}

// SessionHostManager owns the lifecycle of per-user durable session-host
// pods, PVCs, services, ingress, and cert-manager Certificate. The
// concrete implementation lives in internal/k8s/sessionhost.go.
type SessionHostManager interface {
	// EnsureForUser is idempotent: returns the current status for user,
	// creating namespace/PVCs/Pod/Service/Ingress/Certificate if absent.
	EnsureForUser(ctx context.Context, user string) (SessionHostStatus, error)
	// StatusForUser returns the current status without creating anything.
	StatusForUser(ctx context.Context, user string) (SessionHostStatus, error)
}

func (s *Server) handleCreateSessionHost(w http.ResponseWriter, r *http.Request) {
	u := UserFromContext(r.Context())
	if u == nil {
		writeError(w, http.StatusUnauthorized, "not authenticated")
		return
	}
	if s.SessionHost == nil {
		writeError(w, http.StatusServiceUnavailable, "session-host manager not configured")
		return
	}
	st, err := s.SessionHost.EnsureForUser(r.Context(), u.ID)
	if err != nil {
		writeError(w, http.StatusInternalServerError, err.Error())
		return
	}
	writeJSON(w, http.StatusOK, st)
}

func (s *Server) handleSessionHostStatus(w http.ResponseWriter, r *http.Request) {
	u := UserFromContext(r.Context())
	if u == nil {
		writeError(w, http.StatusUnauthorized, "not authenticated")
		return
	}
	urlUser := chi.URLParam(r, "user")
	if u.ID != urlUser {
		writeError(w, http.StatusForbidden, "subject mismatch")
		return
	}
	if s.SessionHost == nil {
		writeError(w, http.StatusServiceUnavailable, "session-host manager not configured")
		return
	}
	st, err := s.SessionHost.StatusForUser(r.Context(), u.ID)
	if err != nil {
		writeError(w, http.StatusInternalServerError, err.Error())
		return
	}
	writeJSON(w, http.StatusOK, st)
}