from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordRequestForm

from api.core.users import Token
from api.auth.db_utils import authenticate_user
from api.auth.auth_utils import create_access_token

router = APIRouter(prefix="/token")


@router.post("/", response_model=Token)
async def login_for_access_token(
    form_data: OAuth2PasswordRequestForm = Depends(),
) -> Token:
    """
    Authenticates a user and provides an access token.
    :param form_data: OAuth2PasswordRequestForm object containing the user's credentials.
    :raises HTTPException: If the user cannot be authenticated.
    :return: A Token object containing the access token and the token type.
    """
    user = authenticate_user(form_data.username, form_data.password)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )

    access_token = create_access_token(data={"sub": user.username})
    return Token(access_token=access_token, token_type="bearer")