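from pathlib import Path

from fastapi import APIRouter, Depends, HTTPException
from fastapi.responses import FileResponse

from app.auth.deps import get_current_user
from app.config import get_settings
from app.db.models import User

router = APIRouter(prefix="/media", tags=["media"])


def _resolve_media_file(base_dir: Path, filename: str) -> Path:
    """Map a client-supplied *filename* to an existing file inside *base_dir*.

    Args:
        base_dir: Directory the file must live in.
        filename: Single path component taken from the request URL.

    Returns:
        The fully resolved path of the file to serve.

    Raises:
        HTTPException: 400 when the name contains a path separator or "..",
            or when the resolved path falls outside *base_dir*; 404 when the
            path cannot be resolved or is not a regular file.
    """
    # First line of defence: the name must be one plain path component.
    if ".." in filename or "/" in filename or "\\" in filename:
        raise HTTPException(status_code=400, detail="Invalid filename")

    root = base_dir.resolve()
    try:
        candidate = (root / filename).resolve()
    except (OSError, RuntimeError, ValueError):
        # Unresolvable names (embedded NUL byte, symlink loop) cannot name a
        # servable file; report them as missing rather than as a server error.
        raise HTTPException(status_code=404, detail="File not found") from None

    # Second line of defence: the substring test above does not cover a
    # symlink that points outside the directory, or a Windows drive-qualified
    # name that replaces the base when joined. Compare the resolved paths.
    try:
        candidate.relative_to(root)
    except ValueError:
        raise HTTPException(status_code=400, detail="Invalid filename") from None

    if not candidate.is_file():
        raise HTTPException(status_code=404, detail="File not found")
    return candidate


@router.get("/generated/{filename}")
def get_generated_image(filename: str) -> FileResponse:
    """Serve a file from the generated-media directory as ``image/png``.

    Raises:
        HTTPException: 400 for an unsafe filename, 404 when no such file exists.
    """
    # NOTE(review): unlike the uploads route, this handler declares no
    # get_current_user dependency. Confirm that generated images are meant to
    # be readable without a session, or that auth is applied where the router
    # is mounted (not visible in this file).
    settings = get_settings()
    path = _resolve_media_file(Path(settings.generated_media_dir), filename)
    return FileResponse(path, media_type="image/png")


@router.get("/uploads/{user_id}/{filename}")
def get_upload_image(
    user_id: int,
    filename: str,
    user: User = Depends(get_current_user),
) -> FileResponse:
    """Serve one of the authenticated user's own uploads as ``image/jpeg``.

    Raises:
        HTTPException: 403 when *user_id* is not the caller's id, 400 for an
            unsafe filename, 404 when no such file exists.
    """
    # Ownership is checked before any filesystem access so the response does
    # not reveal whether another user's file exists.
    if user.id != user_id:
        raise HTTPException(status_code=403, detail="Forbidden")

    settings = get_settings()
    # user_id is parsed as int by the route, so str(user_id) cannot carry
    # separators; containment is enforced against the per-user directory.
    user_dir = Path(settings.uploads_dir) / str(user_id)
    path = _resolve_media_file(user_dir, filename)
    return FileResponse(path, media_type="image/jpeg")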