@using System.Security.Claims
@implements IAsyncDisposable
@inject AuthenticationStateProvider AuthenticationStateProvider
@inject NavigationManager Navigation
@inject IJSRuntime JS

<div class="site-menu-shell">
    <header class="site-menu-bar">
        <div class="site-menu-main">
            <a class="site-menu-brand" href="index.html" aria-label="Accueil ChessCubing">
                <img class="site-menu-brand-icon" src="logo.png" alt="Icone ChessCubing" />
                <span class="site-menu-brand-copy">
                    <span class="micro-label">ChessCubing Arena</span>
                    <strong>Menu general</strong>
                </span>
            </a>

            <nav class="site-menu-links" aria-label="Navigation principale">
                <a class="@BuildNavLinkClass(HomePaths)" href="index.html" aria-current="@BuildAriaCurrent(HomePaths)">Accueil</a>
                <a class="@BuildNavLinkClass(ApplicationPaths)" href="application.html" aria-current="@BuildAriaCurrent(ApplicationPaths)">Application</a>
                <a class="@BuildNavLinkClass(RulesPaths)" href="reglement.html" aria-current="@BuildAriaCurrent(RulesPaths)">Reglement</a>
            </nav>

            <div class="site-menu-account">
                <span class="micro-label">Compte Keycloak</span>
                @if (IsAuthenticated)
                {
                    <div class="site-menu-account-panel">
                        <div class="site-menu-user">
                            <strong>@DisplayName</strong>
                            <span>@DisplayMeta</span>
                        </div>
                        <a class="button ghost small" href="@LogoutHref">Se deconnecter</a>
                    </div>
                }
                else
                {
                    <div class="site-menu-account-actions">
                        <button class="button secondary small" type="button" @onclick="OpenLoginModal">Se connecter</button>
                        <button class="button ghost small" type="button" @onclick="OpenRegisterModal">Creer un compte</button>
                    </div>
                }
            </div>
        </div>
    </header>
</div>

<section class="modal @(ShowAuthModal ? string.Empty : "hidden")" aria-hidden="@BoolString(!ShowAuthModal)">
    <div class="modal-backdrop" @onclick="CloseAuthModal"></div>
    <div class="modal-card auth-modal-card">
        <div class="modal-head">
            <div>
                <p class="eyebrow">Compte Keycloak</p>
                <h2>@AuthModalTitle</h2>
            </div>
            <button class="button ghost small" type="button" @onclick="CloseAuthModal">Fermer</button>
        </div>
        <p class="auth-modal-copy">
            L'authentification se fait maintenant dans cette fenetre integree, sans quitter la page en cours.
        </p>
        @if (!string.IsNullOrWhiteSpace(AuthModalSource))
        {
            <div class="auth-modal-frame-shell">
                <iframe class="auth-modal-frame" src="@AuthModalSource" title="@AuthModalTitle"></iframe>
            </div>
        }
    </div>
</section>

@code {
    private static readonly string[] HomePaths = ["", "index.html"];
    private static readonly string[] ApplicationPaths = ["application", "application.html"];
    private static readonly string[] RulesPaths = ["reglement", "reglement.html"];

    private DotNetObjectReference<SiteMenu>? _dotNetReference;
    private bool _listenerRegistered;
    private bool _authStateSubscribed;
    private string? AuthModalSource;
    private string AuthModalTitle = "Authentification";
    private bool ShowAuthModal;
    private bool IsAuthenticated;
    private string DisplayName = "Utilisateur connecte";
    private string DisplayMeta = "Session active";

    private string LoginHref => BuildAuthHref("login", EffectiveReturnUrl);
    private string RegisterHref => BuildAuthHref("register", EffectiveReturnUrl);
    private string LoginModalSrc => BuildAuthHref("login", EffectiveReturnUrl, embedded: true);
    private string RegisterModalSrc => BuildAuthHref("register", EffectiveReturnUrl, embedded: true);
    private string LogoutHref => BuildAuthHref("logout", "/");

    private string CurrentPath
    {
        get
        {
            var absolutePath = new Uri(Navigation.Uri).AbsolutePath;
            return absolutePath.Trim('/');
        }
    }

    private string EffectiveReturnUrl
    {
        get
        {
            var absolutePath = new Uri(Navigation.Uri).AbsolutePath;
            if (absolutePath.StartsWith("/authentication/", StringComparison.OrdinalIgnoreCase))
            {
                return "/";
            }

            return string.IsNullOrWhiteSpace(absolutePath)
                ? "/"
                : absolutePath;
        }
    }

    private string BuildNavLinkClass(string[] paths)
        => IsCurrentPage(paths) ? "site-menu-link is-active" : "site-menu-link";

    private string? BuildAriaCurrent(string[] paths)
        => IsCurrentPage(paths) ? "page" : null;

    private bool IsCurrentPage(string[] paths)
        => paths.Any(path => string.Equals(CurrentPath, path, StringComparison.OrdinalIgnoreCase));

    private static string BuildAuthHref(string action, string returnUrl, bool embedded = false)
    {
        var query = $"returnUrl={Uri.EscapeDataString(returnUrl)}";
        if (embedded)
        {
            query += "&embedded=1";
        }

        return $"authentication/{action}?{query}";
    }

    private static string BuildDisplayName(ClaimsPrincipal user)
        => user.Identity?.Name
            ?? user.FindFirst("name")?.Value
            ?? user.FindFirst("preferred_username")?.Value
            ?? "Utilisateur connecte";

    private static string BuildMeta(ClaimsPrincipal user)
        => user.FindFirst("email")?.Value
            ?? "Session active";

    protected override async Task OnInitializedAsync()
    {
        AuthenticationStateProvider.AuthenticationStateChanged += HandleAuthenticationStateChanged;
        _authStateSubscribed = true;
        await RefreshAuthenticationStateAsync();
    }

    private async Task OpenLoginModal()
        => await OpenAuthModalAsync("Se connecter", LoginModalSrc);

    private async Task OpenRegisterModal()
        => await OpenAuthModalAsync("Creer un compte", RegisterModalSrc);

    private async Task OpenAuthModalAsync(string title, string source)
    {
        await EnsureAuthListenerAsync();
        AuthModalTitle = title;
        AuthModalSource = source;
        ShowAuthModal = true;
    }

    private void CloseAuthModal()
    {
        ShowAuthModal = false;
        AuthModalSource = null;
    }

    private async Task EnsureAuthListenerAsync()
    {
        if (_listenerRegistered)
        {
            return;
        }

        _dotNetReference ??= DotNetObjectReference.Create(this);

        try
        {
            await JS.InvokeVoidAsync("chesscubingAuthModal.registerListener", _dotNetReference);
            _listenerRegistered = true;
        }
        catch
        {
            // Si le navigateur garde encore un ancien script en cache,
            // on laisse l'application fonctionner et la modal reste utilisable sans auto-fermeture.
        }
    }

    [JSInvokable]
    public Task HandleAuthModalMessage(string status)
    {
        if (!string.Equals(status, "login-succeeded", StringComparison.OrdinalIgnoreCase)
            && !string.Equals(status, "logout-succeeded", StringComparison.OrdinalIgnoreCase))
        {
            return Task.CompletedTask;
        }

        CloseAuthModal();
        StateHasChanged();
        Navigation.NavigateTo(Navigation.Uri, forceLoad: true);
        return Task.CompletedTask;
    }

    private void HandleAuthenticationStateChanged(Task<AuthenticationState> authenticationStateTask)
        => _ = InvokeAsync(RefreshAuthenticationStateAsync);

    private async Task RefreshAuthenticationStateAsync()
    {
        try
        {
            var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
            var user = authState.User;

            if (user.Identity?.IsAuthenticated == true)
            {
                IsAuthenticated = true;
                DisplayName = BuildDisplayName(user);
                DisplayMeta = BuildMeta(user);
            }
            else
            {
                ResetAuthenticationDisplay();
            }
        }
        catch
        {
            ResetAuthenticationDisplay();
        }
    }

    private void ResetAuthenticationDisplay()
    {
        IsAuthenticated = false;
        DisplayName = "Utilisateur connecte";
        DisplayMeta = "Session active";
    }

    public async ValueTask DisposeAsync()
    {
        if (_authStateSubscribed)
        {
            AuthenticationStateProvider.AuthenticationStateChanged -= HandleAuthenticationStateChanged;
        }

        if (_listenerRegistered)
        {
            try
            {
                await JS.InvokeVoidAsync("chesscubingAuthModal.unregisterListener");
            }
            catch
            {
            }
        }

        _dotNetReference?.Dispose();
    }

    private static string BoolString(bool value)
        => value ? "true" : "false";
}