from datetime import datetime, timezone

from fastapi import APIRouter, Request
from fastapi.responses import JSONResponse

from web.audit import is_admin_session
from web.config import settings
from web.session import get_session, session_public_view

router = APIRouter()


@router.get("/status")
def admin_status(request: Request):
    session = get_session(request)
    if not is_admin_session(session):
        return JSONResponse({"error": "admin access required"}, status_code=403)

    public_session = session_public_view(session)
    return {
        "version": settings.version,
        "build_id": settings.build_id,
        "asset_version": settings.asset_version,
        "timestamp_utc": datetime.now(timezone.utc).isoformat(),
        "session": public_session,
        "environment": {
            "docusign_base_url": settings.docusign_base_url,
            "docusign_auth_server": settings.docusign_auth_server,
            "docusign_redirect_uri": settings.docusign_redirect_uri,
            "adobe_sign_base_url": settings.adobe_sign_base_url,
            "adobe_redirect_uri": settings.adobe_redirect_uri,
            "session_store_dir": settings.session_store_dir,
            "audit_log_file": settings.audit_log_file,
        },
    }