"""Shared fixtures for bincio-auth tests."""

from __future__ import annotations

import pytest
from fastapi.testclient import TestClient

from bincio.auth import deps
from bincio.auth.db import create_invite, create_user, open_db
from bincio.auth.server import app


@pytest.fixture(autouse=True)
def _reset_deps(tmp_path):
    """Isolate each test: fresh DB, clean module state."""
    deps.data_dir = tmp_path
    deps.jwt_secret = "test-secret-32-bytes-long-enough!"
    deps._db = None
    deps.oidc_private_key_pem = ""
    deps.oidc_issuer = ""
    deps._login_attempts.clear()
    deps._register_attempts.clear()
    yield
    if deps._db is not None:
        deps._db.close()
    deps._db = None


@pytest.fixture()
def db():
    return deps._get_db()


@pytest.fixture()
def client():
    return TestClient(app, raise_server_exceptions=True)


@pytest.fixture()
def admin(db):
    return create_user(db, "admin", "Admin", "adminpass1", is_admin=True)


@pytest.fixture()
def user(db):
    return create_user(db, "alice", "Alice", "alicepass1")


@pytest.fixture()
def invite(db, admin):
    return create_invite(db, admin.handle)


def login(client: TestClient, handle: str, password: str) -> str:
    """Helper: POST /api/auth/login and return the session cookie value."""
    r = client.post("/api/auth/login", json={"handle": handle, "password": password})
    assert r.status_code == 200
    return r.cookies["bincio_session"]


def auth_cookies(handle: str, password: str, client: TestClient) -> dict:
    """Return a cookies dict suitable for authenticated requests."""
    token = login(client, handle, password)
    return {"bincio_session": token}