from django.contrib.auth import get_user_model
from django.test import Client, TestCase, override_settings
from django.urls import reverse

from clients.models import Client, ClientPortalAccess


@override_settings(ALLOWED_HOSTS=["testserver", "localhost", "127.0.0.1"])
class LoginAndStartupTests(TestCase):
    def setUp(self):
        User = get_user_model()
        self.admin = User.objects.create_superuser(
            username="admin.v7",
            email="admin.v7@example.test",
            password="AdminV7Pass!2026",
        )
        self.client_record = Client.objects.create(
            name="Cliente de teste V7",
            email="cliente.v7@example.test",
            portal_access_enabled=True,
        )
        self.portal_user = User.objects.create_user(
            username="cliente.v7",
            email="cliente.login@example.test",
            password="ClienteV7Pass!2026",
        )
        ClientPortalAccess.objects.create(
            user=self.portal_user,
            client=self.client_record,
            role=ClientPortalAccess.Role.OWNER,
            is_active=True,
        )

    def test_home_shows_access_gateway(self):
        response = self.client.get(reverse("home"))
        self.assertEqual(response.status_code, 200)
        self.assertContains(response, "Backoffice")
        self.assertContains(response, "Área do cliente")

    def test_superuser_can_login_on_portal_page_with_username(self):
        response = self.client.post(
            reverse("client_portal:login"),
            {"username": "admin.v7", "password": "AdminV7Pass!2026"},
        )
        self.assertRedirects(response, reverse("admin:index"), fetch_redirect_response=False)

    def test_superuser_can_login_on_portal_page_with_email(self):
        response = self.client.post(
            reverse("client_portal:login"),
            {"username": "admin.v7@example.test", "password": "AdminV7Pass!2026"},
        )
        self.assertRedirects(response, reverse("admin:index"), fetch_redirect_response=False)

    def test_superuser_can_login_on_admin_page_with_email(self):
        response = self.client.post(
            reverse("admin:login") + "?next=" + reverse("admin:index"),
            {
                "username": "admin.v7@example.test",
                "password": "AdminV7Pass!2026",
                "next": reverse("admin:index"),
            },
        )
        self.assertRedirects(response, reverse("admin:index"), fetch_redirect_response=False)

    def test_client_account_still_goes_to_client_portal(self):
        response = self.client.post(
            reverse("client_portal:login"),
            {"username": "cliente.login@example.test", "password": "ClienteV7Pass!2026"},
        )
        self.assertRedirects(response, reverse("client_portal:dashboard"), fetch_redirect_response=False)

    def test_health_endpoint_works_without_authentication(self):
        response = self.client.get(reverse("health") + "?format=json")
        self.assertEqual(response.status_code, 200)
        self.assertIn(response.json()["status"], {"ok", "warning"})