module Admin
  class ApiKeysController < BaseController
    def index
      @api_keys = ApiKey.order(created_at: :desc)
    end

    def new
      @api_key = ApiKey.new
    end

    def create
      # Build permissions hash
      permissions = {}
      permissions["send_sms"] = params.dig(:api_key, :send_sms) == "1"
      permissions["receive_sms"] = params.dig(:api_key, :receive_sms) == "1"
      permissions["manage_gateways"] = params.dig(:api_key, :manage_gateways) == "1"
      permissions["manage_otp"] = params.dig(:api_key, :manage_otp) == "1"

      # Parse expiration date if provided
      expires_at = if params.dig(:api_key, :expires_at).present?
                     Time.parse(params[:api_key][:expires_at])
                   else
                     nil
                   end

      # Generate API key
      result = ApiKey.generate!(
        name: params[:api_key][:name],
        permissions: permissions,
        expires_at: expires_at
      )

      # Store in session to pass to show action
      session[:new_api_key_id] = result[:api_key].id
      session[:new_api_raw_key] = result[:raw_key]

      redirect_to admin_api_key_path(result[:api_key])
    rescue StandardError => e
      Rails.logger.error "API Key creation failed: #{e.message}\n#{e.backtrace.join("\n")}"
      flash.now[:alert] = "Error creating API key: #{e.message}"
      @api_key = ApiKey.new(name: params.dig(:api_key, :name))
      render :new, status: :unprocessable_entity
    end

    def show
      @api_key = ApiKey.find(params[:id])

      # Check if this is a newly created key (from session)
      if session[:new_api_key_id] == @api_key.id && session[:new_api_raw_key].present?
        @raw_key = session[:new_api_raw_key]
        # Clear session data after retrieving
        session.delete(:new_api_key_id)
        session.delete(:new_api_raw_key)
      else
        # This is an existing key being viewed (shouldn't normally happen)
        redirect_to admin_api_keys_path, alert: "Cannot view API key details after creation"
      end
    end

    def destroy
      @api_key = ApiKey.find(params[:id])
      @api_key.revoke!
      redirect_to admin_api_keys_path, notice: "API key revoked successfully"
    rescue => e
      redirect_to admin_api_keys_path, alert: "Error revoking API key: #{e.message}"
    end

    def toggle
      @api_key = ApiKey.find(params[:id])
      @api_key.update!(active: !@api_key.active)
      redirect_to admin_api_keys_path, notice: "API key #{@api_key.active? ? 'activated' : 'deactivated'}"
    rescue => e
      redirect_to admin_api_keys_path, alert: "Error updating API key: #{e.message}"
    end
  end
end