"""
Internal API for Recipes Service
Handles internal service-to-service operations
"""

from fastapi import APIRouter, Depends, HTTPException, Header
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy import select, func
from uuid import UUID
import structlog

from app.core.database import get_db
from app.core.config import settings
from app.models.recipes import Recipe, RecipeStatus

logger = structlog.get_logger()
router = APIRouter(prefix="/internal", tags=["internal"])


async def verify_internal_api_key(x_internal_api_key: str = Header(None)):
    """Verify internal API key for service-to-service communication"""
    required_key = settings.INTERNAL_API_KEY
    if x_internal_api_key != required_key:
        logger.warning("Unauthorized internal API access attempted")
        raise HTTPException(status_code=403, detail="Invalid internal API key")
    return True


@router.get("/count")
async def get_recipe_count(
    tenant_id: str,
    db: AsyncSession = Depends(get_db),
    _: bool = Depends(verify_internal_api_key)
):
    """
    Get count of recipes for onboarding status check.
    Counts DRAFT and ACTIVE recipes (excludes ARCHIVED/DISCONTINUED).
    Internal endpoint for tenant service.
    """
    try:
        count = await db.scalar(
            select(func.count()).select_from(Recipe)
            .where(
                Recipe.tenant_id == UUID(tenant_id),
                Recipe.status.in_([RecipeStatus.DRAFT, RecipeStatus.ACTIVE, RecipeStatus.TESTING])
            )
        )

        return {
            "count": count or 0,
            "tenant_id": tenant_id
        }

    except Exception as e:
        logger.error("Failed to get recipe count", tenant_id=tenant_id, error=str(e))
        raise HTTPException(status_code=500, detail=f"Failed to get recipe count: {str(e)}")