#pragma once
#include <drogon/drogon.h>
#include <bcrypt/BCrypt.hpp>
#include <jwt-cpp/jwt.h>
#include <string>
#include <memory>

struct UserInfo {
    int64_t id;
    std::string username;
    bool isAdmin;
    bool isStreamer;
    bool isPgpOnly;
    std::string bio;
    std::string avatarUrl;
    std::string pgpOnlyEnabledAt;
};

class AuthService {
public:
    static AuthService& getInstance() {
        static AuthService instance;
        return instance;
    }
    
    // User registration
    void registerUser(const std::string& username, const std::string& password,
                     const std::string& publicKey, const std::string& fingerprint,
                     std::function<void(bool success, const std::string& error, int64_t userId)> callback);
    
    // User login with password
    void loginUser(const std::string& username, const std::string& password,
                  std::function<void(bool success, const std::string& token, const UserInfo& user)> callback);
    
    // User login with PGP (returns challenge)
    void initiatePgpLogin(const std::string& username,
                         std::function<void(bool success, const std::string& challenge, const std::string& publicKey)> callback);
    
    // Verify PGP signature
    void verifyPgpLogin(const std::string& username, const std::string& signature, const std::string& challenge,
                       std::function<void(bool success, const std::string& token, const UserInfo& user)> callback);
    
    // Validate JWT token
    bool validateToken(const std::string& token, UserInfo& userInfo);
    
    // Update password
    void updatePassword(int64_t userId, const std::string& oldPassword, const std::string& newPassword,
                       std::function<void(bool success, const std::string& error)> callback);
    
    // Check password requirements
    bool validatePassword(const std::string& password, std::string& error);
    
    // Generate JWT token
    std::string generateToken(const UserInfo& user);

private:
    AuthService() = default;
    ~AuthService() = default;
    AuthService(const AuthService&) = delete;
    AuthService& operator=(const AuthService&) = delete;
    
    std::string jwtSecret_;
};