import importlib
import os
import tempfile
from unittest.mock import patch


def _fresh_auth(tmpdir):
    """Reload auth module with a temp users file and clear sessions."""
    import auth
    importlib.reload(auth)
    auth._sessions.clear()
    return os.path.join(tmpdir, "users.toml")


def test_has_users_false_when_empty():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            assert not auth.has_users()


def test_create_and_authenticate():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        auth._sessions.clear()
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            auth.create_user("thomas", "geheim123", "/tmp/transkripte", is_admin=True)
            token = auth.authenticate("thomas", "geheim123")
            assert token is not None
            assert len(token) > 10


def test_authenticate_wrong_password():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        auth._sessions.clear()
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            auth.create_user("thomas", "geheim123", "/tmp/transkripte")
            assert auth.authenticate("thomas", "falsch") is None


def test_authenticate_unknown_user():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            assert auth.authenticate("niemand", "irgendwas") is None


def test_get_user_for_token():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        auth._sessions.clear()
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            auth.create_user("anna", "secret456", "/tmp/anna")
            token = auth.authenticate("anna", "secret456")
            user = auth.get_user_for_token(token)
            assert user["username"] == "anna"
            assert user["output_dir"] == "/tmp/anna"


def test_invalidate_token():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        auth._sessions.clear()
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            auth.create_user("bob", "pass789!", "/tmp/bob")
            token = auth.authenticate("bob", "pass789!")
            auth.invalidate_token(token)
            assert auth.get_user_for_token(token) is None


def test_has_users_true_after_create():
    with tempfile.TemporaryDirectory() as tmpdir:
        import auth
        importlib.reload(auth)
        users_path = os.path.join(tmpdir, "users.toml")
        with patch("auth.USERS_PATH", users_path):
            auth.create_user("lisa", "abc123!", "/tmp/lisa")
            assert auth.has_users()