from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from sqlalchemy.ext.asyncio import AsyncSession

from backend.app.core.config import settings
from backend.app.core.database import get_session
from backend.app.core.security import decode_access_token
from backend.app.models.rider import Rider

bearer_scheme = HTTPBearer()


async def get_current_rider(
    credentials: HTTPAuthorizationCredentials = Depends(bearer_scheme),
    session: AsyncSession = Depends(get_session),
) -> Rider:
    try:
        payload = decode_access_token(
            credentials.credentials,
            settings.JWT_SECRET_KEY,
            settings.JWT_ALGORITHM,
        )
    except Exception:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid or expired token",
        )

    rider = await session.get(Rider, payload["sub"])
    if not rider:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Rider not found",
        )

    return rider