'use client';

import { createContext, useCallback, useContext, useEffect, useState } from 'react';

export interface AuthAdmin {
  id: string;
  email: string;
  name?: string | null;
  role: 'OWNER' | 'ADMIN' | 'VIEWER';
  tenantId: string;
  tenantSlug: string;
  tenantName?: string;
}

interface AuthState {
  admin: AuthAdmin | null;
  loading: boolean;
  error: string | null;
  refresh: () => Promise<void>;
  logout: () => Promise<void>;
}

const AuthContext = createContext<AuthState | null>(null);

export function AuthProvider({ children }: { children: React.ReactNode }) {
  const [admin, setAdmin] = useState<AuthAdmin | null>(null);
  const [loading, setLoading] = useState(true);
  const [error, setError] = useState<string | null>(null);

  const refresh = useCallback(async () => {
    setLoading(true);
    setError(null);
    try {
      const res = await fetch('/api/auth/me', { credentials: 'include' });
      if (res.status === 401) {
        setAdmin(null);
        return;
      }
      if (!res.ok) {
        setError('Unable to verify session');
        setAdmin(null);
        return;
      }
      const data = await res.json();
      setAdmin(data.admin ?? null);
    } catch (e) {
      setError(e instanceof Error ? e.message : 'Network error');
      setAdmin(null);
    } finally {
      setLoading(false);
    }
  }, []);

  const logout = useCallback(async () => {
    await fetch('/api/auth/logout', { method: 'POST', credentials: 'include' });
    setAdmin(null);
  }, []);

  useEffect(() => {
    void refresh();
  }, [refresh]);

  return (
    <AuthContext.Provider value={{ admin, loading, error, refresh, logout }}>
      {children}
    </AuthContext.Provider>
  );
}

export function useAuth(): AuthState {
  const ctx = useContext(AuthContext);
  if (!ctx) throw new Error('useAuth must be used within <AuthProvider>');
  return ctx;
}