from os import getenv,path
from pathlib import Path
from django.core.management.utils import get_random_secret_key
import dotenv
from datetime import timedelta
import os

# Build paths inside the project like this: BASE_DIR / 'subdir'.
# Project root: two directory levels above this settings module.
BASE_DIR = Path(__file__).resolve().parents[1]

# Optional local overrides. The file is loaded only when it exists, so a
# deployment can supply the same variables through its real environment.
# It holds secrets, so keep .env.local out of version control.
dotenv_file = BASE_DIR / '.env.local'
if dotenv_file.is_file():
    dotenv.load_dotenv(dotenv_file)
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/

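# SECURITY WARNING: keep the secret key used in production secret!
# The key is read from DJANGO_SECRET_KEY so that no signing secret lives in the
# repository. A literal key was previously committed in this file and must be
# treated as disclosed: everything signed with it (sessions, password-reset
# links, and the JWTs whose SIGNING_KEY is SECRET_KEY further down) is only
# trustworthy again once a fresh value has been deployed.
# The random fallback changes on every process start and differs between
# worker processes, so it suits a single local dev server only. Set
# DJANGO_SECRET_KEY in .env.local or the deployment environment otherwise.
SECRET_KEY = getenv("DJANGO_SECRET_KEY") or get_random_secret_key()

# SECURITY WARNING: don't run with debug turned on in production!
# Debug pages expose settings, stack frames and SQL, so DEBUG stays off unless
# DJANGO_DEBUG is explicitly set to a true value (e.g. in .env.local).
DEBUG = getenv("DJANGO_DEBUG", "").strip().lower() in {"1", "true", "yes", "on"}

# Host-header allow-list, comma separated in DJANGO_ALLOWED_HOSTS.
# The former default began with "*", which matches every host and so switched
# Host validation off regardless of the names listed after it.
# NOTE(review): aranest.com / www.aranest.com are added because the CSRF and
# CORS settings in this file reference them. Trim the list if the API is not
# actually served under those names.
ALLOWED_HOSTS = [
    host.strip()
    for host in getenv(
        "DJANGO_ALLOWED_HOSTS",
        "127.0.0.1,localhost,realestate.nbytetech.com,kaeskanest.com,"
        "aranest.com,www.aranest.com",
    ).split(",")
    if host.strip()
]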


INSTALLED_APPS = [
    # Admin theme. Kept ahead of django.contrib.admin, the position the
    # jazzmin documentation asks for.
    "jazzmin",

    # Django contrib apps
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",

    # Project apps
    "users",
    "property",

    # Third-party API / auth / CORS packages
    "rest_framework",
    "djoser",
    "corsheaders",
]

# Branding and navigation for the jazzmin admin theme.
# More options at https://django-jazzmin.readthedocs.io/en/latest/configuration/
JAZZMIN_SETTINGS = dict(
    site_title="Aranest Admin",
    site_header="Aranest Admin Panel",
    site_brand="Aranest",
    welcome_sign="Welcome to Aranest Admin",
    show_sidebar=True,
    navigation_expanded=True,
    # Sidebar ordering of the listed app labels.
    order_with_respect_to=["auth", "property"],
    # Font Awesome classes keyed by app label.
    icons=dict(
        auth="fas fa-users-cog",
        property="fas fa-building",
    ),
)

# Order matters: the two CORS layers run first, ahead of Django's own stack.
# NOTE(review): backend.middleware.MediaCORSMiddleware is project code that is
# not visible here. Check that it does not widen the CORS_ALLOWED_ORIGINS
# policy for media responses.
MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'backend.middleware.MediaCORSMiddleware',

    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

# Middleware that tags multipart uploads with a longer timeout value.
class LargeFileUploadMiddleware:
    """Mark multipart/form-data POST requests with ``REQUEST_TIMEOUT = 600``.

    The only effect visible in this class is one key written into
    ``request.META`` before the request is handed to the next handler.

    NOTE(review): nothing in this file reads ``REQUEST_TIMEOUT`` from
    ``request.META``, and the class is not listed in ``MIDDLEWARE`` here.
    Confirm where, if anywhere, the value is enforced. Real upload limits
    normally live in the web server / WSGI server configuration.
    """

    _MULTIPART = 'multipart/form-data'
    _UPLOAD_TIMEOUT_SECONDS = 600  # 10 minutes

    def __init__(self, get_response):
        """Store the next callable in the middleware chain."""
        self.get_response = get_response

    def __call__(self, request):
        """Tag the request when it is a multipart POST, then delegate."""
        if request.method == 'POST':
            content_type = request.content_type
            # An empty or missing content type is never treated as an upload.
            if content_type and self._MULTIPART in content_type:
                request.META['REQUEST_TIMEOUT'] = self._UPLOAD_TIMEOUT_SECONDS

        return self.get_response(request)

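# Name, lifetime and path of the auth cookie (presumably the one carrying the
# JWT access token; the code that sets it is not in this file).
# NOTE(review): the cookie lives one day while ACCESS_TOKEN_LIFETIME in
# SIMPLE_JWT is seven days. Confirm the mismatch is intended.
AUTH_COOKIE = 'access'
AUTH_COOKIE_MAX_AGE = 60 * 60 * 24  # one day, in seconds
AUTH_COOKIE_PATH = '/'

# getenv() returns a string or None, never a bool: the text "False" is truthy
# and an unset variable is None. Both flags are therefore parsed here and stay
# ON unless the variable holds an explicit "off" value, so a missing or
# misspelled setting cannot silently strip Secure/HttpOnly from the cookie.
# Set AUTH_COOKIE_SECURE=False in .env.local for plain-HTTP local development.
_AUTH_COOKIE_FLAG_OFF = ('', '0', 'false', 'no', 'off')
AUTH_COOKIE_SECURE = (
    getenv('AUTH_COOKIE_SECURE', 'True').strip().lower() not in _AUTH_COOKIE_FLAG_OFF
)
AUTH_COOKIE_HTTP_ONLY = (
    getenv('AUTH_COOKIE_HTTP_ONLY', 'True').strip().lower() not in _AUTH_COOKIE_FLAG_OFF
)

# Passed through unchanged (None when unset).
# NOTE(review): with credentialed cross-origin requests enabled below, state
# the SameSite policy explicitly in the environment rather than leaving it out.
AUTH_COOKIE_SAMESITE = getenv('AUTH_COOKIE_SAMESITE')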

# Origins allowed to call the API from a browser, comma separated in the
# CORS_ALLOWED_ORIGINS environment variable.
# NOTE(review): CORS_ALLOW_CREDENTIALS is on, so every origin listed here may
# send credentialed requests. The http:// development origins in the default
# should be dropped in production by setting the variable explicitly.
CORS_ALLOWED_ORIGINS = getenv(
    'CORS_ALLOWED_ORIGINS',
    'http://localhost:3000,'
    'http://127.0.0.1:3000,'
    'https://kaeskanest.com,'
    'https://aranest.com,'
    'https://www.aranest.com'
).split(',')

# NOTE(review): CORS_ORIGIN_WHITELIST is django-cors-headers' older name for
# CORS_ALLOWED_ORIGINS. With both defined, confirm which one the installed
# version honours, and keep a single source of truth.
CORS_ORIGIN_WHITELIST = [
    "http://localhost:3000",  # React frontend during development
    "https://aranest.com",
]

CORS_ALLOW_CREDENTIALS = True

# Origins trusted for unsafe (POST etc.) requests by Django's CSRF checks.
CSRF_TRUSTED_ORIGINS = ['https://aranest.com']


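# Session configuration - use database backend to avoid pickle issues
SESSION_ENGINE = "django.contrib.sessions.backends.db"
SESSION_COOKIE_HTTPONLY = True

# The session cookie authenticates the admin site, so it is marked Secure by
# default and never travels over plain HTTP. It was previously hard-coded to
# False. For local development without TLS, set SESSION_COOKIE_SECURE=False
# in .env.local. Only an explicit "off" value disables the flag.
SESSION_COOKIE_SECURE = (
    getenv("SESSION_COOKIE_SECURE", "True").strip().lower()
    not in ("", "0", "false", "no", "off")
)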

# Cache configuration (optional, for future use).
# LocMemCache keeps entries inside each process, so separate worker processes
# do not share cached values.
CACHES = {
    "default": dict(
        BACKEND="django.core.cache.backends.locmem.LocMemCache",
        LOCATION="unique-snowflake",
    ),
}

# Entry points: URL routing module and the WSGI callable.
ROOT_URLCONF = "backend.urls"
WSGI_APPLICATION = "backend.wsgi.application"

# A single Django template engine. Templates are discovered inside installed
# apps (APP_DIRS) because no project-level template directories are listed.
TEMPLATES = [
    dict(
        BACKEND="django.template.backends.django.DjangoTemplates",
        DIRS=[],
        APP_DIRS=True,
        OPTIONS={
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    ),
]


# Database
# https://docs.djangoproject.com/en/4.2/ref/settings/#databases

# Single SQLite database stored in the project root.
# NOTE(review): db.sqlite3 sits inside BASE_DIR next to the code. Make sure the
# web server never serves that directory and that the file is excluded from
# version control and from static/media collection.
DATABASES = {
    "default": dict(
        ENGINE="django.db.backends.sqlite3",
        NAME=BASE_DIR.joinpath("db.sqlite3"),
    ),
}

# Backends are tried in order: the project's case-insensitive backend first,
# then Django's stock ModelBackend as the fallback.
AUTHENTICATION_BACKENDS = [
    "users.backends.CaseInsensitiveModelBackend",
    "django.contrib.auth.backends.ModelBackend",
]

# Password validation
# https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators

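# Django's four stock validators, all enabled. Three of them were commented
# out, which left minimum length as the only rule and let all-numeric or
# widely used passwords through on an internet-facing sign-up and
# password-reset flow. Validators run only when a password is set or changed,
# so existing accounts keep working.
AUTH_PASSWORD_VALIDATORS = [
    {
        # Rejects passwords too similar to the user's own attributes.
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        # Rejects entries from Django's bundled list of common passwords.
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        # Rejects passwords made up of digits only.
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]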


# Internationalization
# https://docs.djangoproject.com/en/4.2/topics/i18n/

# US English, UTC, with translation machinery and timezone-aware datetimes on.
LANGUAGE_CODE, TIME_ZONE = "en-us", "UTC"
USE_I18N = USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.2/howto/static-files/

# Collected static assets and user-uploaded media, both under the project root.
# NOTE(review): MEDIA_ROOT holds user-supplied files. Serve it from a location
# that never executes content and is separate from the code tree.
STATIC_URL = "static/"
STATIC_ROOT = BASE_DIR.joinpath("static")
MEDIA_URL = "/media/"
MEDIA_ROOT = BASE_DIR.joinpath("media")

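# File Upload Configuration for Large Files
# NOTE(review): these limits are far above Django's defaults and apply to every
# endpoint, authenticated or not. DATA_UPLOAD_MAX_MEMORY_SIZE caps the non-file
# request body. FILE_UPLOAD_MAX_MEMORY_SIZE is the size up to which an uploaded
# file is held in RAM instead of being streamed to FILE_UPLOAD_TEMP_DIR, so a
# few concurrent 100MB uploads can exhaust worker memory. Consider a lower
# in-memory threshold plus a body-size limit at the reverse proxy.
DATA_UPLOAD_MAX_MEMORY_SIZE = 100 * 1024 * 1024  # 100MB
FILE_UPLOAD_MAX_MEMORY_SIZE = 100 * 1024 * 1024  # 100MB
DATA_UPLOAD_MAX_NUMBER_FIELDS = 10000  # Increase field limit
FILE_UPLOAD_TEMP_DIR = BASE_DIR / 'temp_uploads'  # Temporary upload directory

# Create the temp upload directory if it doesn't exist. exist_ok avoids the
# check-then-create race: two workers importing settings at the same moment
# could both pass an exists() test, and the slower one would then crash with
# FileExistsError.
os.makedirs(FILE_UPLOAD_TEMP_DIR, exist_ok=True)

# Timeout values for large uploads, in seconds.
# NOTE(review): Django itself does not read settings with these names. Whatever
# enforces them is outside this file, so confirm they are actually consumed.
REQUEST_TIMEOUT = 300  # 5 minutes
UPLOAD_TIMEOUT = 600   # 10 minutes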

# EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
# EMAIL_HOST = getenv('EMAIL_HOST')
# EMAIL_HOST_USER = getenv('EMAIL_HOST_USER')
# EMAIL_HOST_PASSWORD = getenv('EMAIL_HOST_PASSWORD')
# EMAIL_PORT = getenv('EMAIL_PORT')
# DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
# EMAIL_USE_SSL = True
# EMAIL_USE_TLS = False

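# Outgoing mail over SMTP with STARTTLS.
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = getenv('EMAIL_HOST', 'mail.neuroxie.com')
# Environment values arrive as strings, so convert explicitly. The setting is
# then an int whether or not EMAIL_PORT is set.
EMAIL_PORT = int(getenv('EMAIL_PORT', '587'))
EMAIL_USE_TLS = True
EMAIL_HOST_USER = getenv('EMAIL_HOST_USER', 'no-reply@aranest.com')
# The mailbox password comes from the environment only. A literal password was
# previously committed here as the fallback. It is exposed to everyone with
# repository access and must be rotated at the mail provider. With no value
# set the password is empty and sending fails at the server instead of
# authenticating with a shared, known secret.
EMAIL_HOST_PASSWORD = getenv('EMAIL_HOST_PASSWORD', '')
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER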

# Payment-provider credentials and redirect URLs, all from the environment.
# Each value is None when its variable is unset.
_env = os.environ.get

# Stripe
STRIPE_SECRET_KEY = _env("STRIPE_SECRET_KEY")
STRIPE_PUBLIC_KEY = _env("STRIPE_PUBLIC_KEY")
STRIPE_SUCCESS_URL = _env("STRIPE_SUCCESS_URL")
STRIPE_CANCEL_URL = _env("STRIPE_CANCEL_URL")

# PayPal
# NOTE(review): the mode falls back to "live", so an environment that forgets
# PAYPAL_MODE talks to the production PayPal API. Set it explicitly (e.g.
# "sandbox") in development and test environments.
PAYPAL_MODE = _env("PAYPAL_MODE", "live")
PAYPAL_CLIENT_ID = _env("PAYPAL_CLIENT_ID")
PAYPAL_CLIENT_SECRET = _env("PAYPAL_CLIENT_SECRET")
PAYPAL_SUCCESS_URL = _env("PAYPAL_SUCCESS_URL")
PAYPAL_CANCEL_URL = _env("PAYPAL_CANCEL_URL")
VERIF_PAYPAL_SUCCESS_URL = _env("VERIF_PAYPAL_SUCCESS_URL")
VERIF_PAYPAL_CANCEL_URL = _env("VERIF_PAYPAL_CANCEL_URL")
PAYPAL_BOOST_SUCCESS_URL = _env("PAYPAL_BOOST_SUCCESS_URL")
# NOTE(review): the setting name says EDIT_ADDON but the variable read is
# PAYPAL_EDIT_SUCCESS_URL. Confirm the deployment defines that exact name.
PAYPAL_EDIT_ADDON_SUCCESS_URL = _env("PAYPAL_EDIT_SUCCESS_URL")

# Public domain and display name. Both are fixed values here and are not read
# from the environment.
DOMAIN, SITE_NAME = "aranest.com", "Aranest"

SIMPLE_JWT = {
    # --- Token typing and header format ---
    "AUTH_HEADER_TYPES": ("JWT",),                 # "Authorization: JWT <token>"
    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
    "TOKEN_TYPE_CLAIM": "token_type",

    # --- Lifetimes and rotation ---
    # NOTE(review): an access token is a bearer credential that stays valid
    # for its whole lifetime, and seven days is a long window for a stolen
    # one. Rotation is on but blacklisting is off, so a superseded refresh
    # token also keeps working until it expires (60 days). Turning
    # BLACKLIST_AFTER_ROTATION on requires the
    # rest_framework_simplejwt.token_blacklist app to be installed and
    # migrated, and INSTALLED_APPS in this file does not list it.
    "ACCESS_TOKEN_LIFETIME": timedelta(weeks=1),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=60),
    "ROTATE_REFRESH_TOKENS": True,
    "BLACKLIST_AFTER_ROTATION": False,
    "UPDATE_LAST_LOGIN": True,

    # --- Mapping between token claims and the user model ---
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",

    # --- Signing and validation ---
    # HS256 is symmetric: the same key signs and verifies, so anyone who
    # learns SECRET_KEY can mint a valid token for any user_id. The key's
    # secrecy is the entire trust anchor for these tokens.
    "ALGORITHM": "HS256",
    "SIGNING_KEY": SECRET_KEY,
    "VERIFYING_KEY": None,                         # unused with HS256
    "AUDIENCE": None,                              # audience claim not checked
    "ISSUER": None,                                # issuer claim not checked
    "JWK_URL": None,
    "LEEWAY": 0,                                   # no clock-skew tolerance
}

# Djoser account flows: e-mail activation on sign-up, and password retype on
# both registration and reset confirmation. The URL templates are filled with
# the uid/token pair and are presumably resolved by the frontend.
DJOSER = dict(
    PASSWORD_RESET_CONFIRM_URL="password-reset/{uid}/{token}",
    SEND_ACTIVATION_EMAIL=True,
    ACTIVATION_URL="activation/{uid}/{token}",
    USER_CREATE_PASSWORD_RETYPE=True,
    PASSWORD_RESET_CONFIRM_RETYPE=True,
    TOKEN_MODEL=None,
)

# API defaults: every view requires an authenticated user unless it overrides
# permission_classes itself.
# NOTE(review): DRF's TokenAuthentication looks tokens up through the
# rest_framework.authtoken app, which INSTALLED_APPS in this file does not
# list, and DJOSER sets TOKEN_MODEL to None. Confirm this class is still
# needed, because an unused authenticator is extra attack surface.
REST_FRAMEWORK = dict(
    DEFAULT_AUTHENTICATION_CLASSES=[
        "users.authentication.CustomJWTAuthentication",
        "rest_framework.authentication.TokenAuthentication",
    ],
    DEFAULT_PERMISSION_CLASSES=[
        "rest_framework.permissions.IsAuthenticated",
    ],
)

# Default primary key field type
# https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
AUTH_USER_MODEL = "users.UserAccount"

# Sessions last seven days and survive a browser restart. Because the session
# is saved on every request, that window slides forward with each request,
# and with the database session backend each request also costs a write.
SESSION_COOKIE_AGE = int(timedelta(days=7).total_seconds())
SESSION_EXPIRE_AT_BROWSER_CLOSE = False
SESSION_SAVE_EVERY_REQUEST = True