from rest_framework.views import APIView
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from rest_framework import status

from apps.core.services import (
    verify_recovery_code,
    regenerate_recovery_codes,
)
from apps.core.utils import verify_totp
from apps.core.serializers import RecoveryCodeRegenerateSerializer


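class RecoveryCodeRegenerateView(APIView):
    """Issue a new set of 2FA recovery codes to the authenticated user.

    The caller must present a second factor again (a TOTP value or an existing
    recovery code) in the ``token`` field before new codes are generated.
    """

    # NOTE(review): this view declares no throttle_classes. Whether a
    # project-wide default throttle covers it is not visible here; confirm
    # one does, because a short numeric code can be guessed by repeated
    # attempts from an authenticated session.
    permission_classes = [IsAuthenticated]

    def post(self, request):
        """Verify the submitted token and return freshly generated codes.

        Responds with 400 when the user has no enabled ``two_factor`` record
        or when the token fails verification, and with 200 plus the new
        recovery codes otherwise. Serializer validation errors are raised by
        ``is_valid(raise_exception=True)``.
        """
        serializer = RecoveryCodeRegenerateSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        token = serializer.validated_data["token"]
        user = request.user

        # A user without the related object is treated the same as 2FA off.
        two_factor = getattr(user, "two_factor", None)

        if not two_factor or not two_factor.is_enabled:
            return Response(
                {"detail": "2FA is not enabled"},
                status=status.HTTP_400_BAD_REQUEST
            )

        # All-digit tokens are treated as TOTP values, anything else as a
        # recovery code.
        # NOTE(review): an all-digit recovery code would never reach
        # verify_recovery_code; confirm the code format excludes that.
        if token.isdigit():
            try:
                # NOTE(review): int() drops leading zeros ("012345" -> 12345);
                # confirm verify_totp compares numerically or re-pads.
                otp = int(token)
            except ValueError:
                # str.isdigit() is also true for characters such as "²" that
                # int() rejects. Treat those as a failed verification instead
                # of letting the ValueError surface as a server error.
                verified = False
            else:
                verified = verify_totp(two_factor.secret, otp)
        else:
            verified = verify_recovery_code(user, token)

        if not verified:
            # One message for both factor types, so the response does not
            # reveal which check failed.
            return Response(
                {"detail": "Invalid OTP or recovery code"},
                status=status.HTTP_400_BAD_REQUEST
            )

        new_codes = regenerate_recovery_codes(user)

        # The codes are returned once in this response body; callers are told
        # they will not be shown again.
        return Response({
            "message": "Recovery codes regenerated successfully",
            "detail": "These recovery codes will not be shown again. "
                      "Please store them securely.",
            "recovery_codes": new_codes,
        }, status=status.HTTP_200_OK)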
