
from django.utils import timezone
from django.contrib.auth.decorators import login_required
from django.http import JsonResponse
from django.shortcuts import redirect
from django.urls import reverse
from django.contrib.auth.models import AnonymousUser
from django.utils.deprecation import MiddlewareMixin
from django.contrib.auth import logout
from django.contrib import messages
from django.utils import timezone
from datetime import timedelta
import logging
from django.contrib.auth import get_user_model

# Resolve the project's active user model via Django's get_user_model() helper.
# NOTE(review): `User` is not referenced by the middleware classes visible in
# this file — confirm it is still needed.
User = get_user_model()
# Module-level logger named after this module's import path.
logger = logging.getLogger(__name__)

class CustomerOnlyMiddleware:
    """Pass-through middleware reserved for customer-only access handling.

    As written, this class performs no check and issues no redirect: every
    request is forwarded unchanged to the next handler. It must not be
    relied on as an access-control layer until a real check is added.
    """

    def __init__(self, get_response):
        # Keep the next handler in the middleware chain (or the view itself).
        self.get_response = get_response

    def __call__(self, request):
        # No pre- or post-processing: hand the request on and return the
        # downstream response untouched.
        return self.get_response(request)

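class DashboardSecurityMiddleware:
    """Audit-logging middleware for dashboard traffic and probe-like paths.

    For every request it (1) compares the path against a short list of
    substrings and records a hit, and (2) records dashboard requests made by
    authenticated users. It only observes: no request is blocked or altered,
    so it complements access control rather than providing it.

    Both checks run before the view is called, so an entry is written even
    when the view later rejects the request.
    """

    def __init__(self, get_response):
        self.get_response = get_response
        # Matched as case-insensitive substrings anywhere in the path.
        # NOTE(review): 'admin/auth/' would also match a Django admin mounted
        # at admin/ — confirm that flagging those requests is intended.
        self.suspicious_patterns = [
            'admin/auth/',
            'phpmyadmin',
            'wp-admin',
            '.env',
            'config.php'
        ]

    def __call__(self, request):
        """Record audit events for the request, then pass it down the chain."""
        path = request.path
        lowered = path.lower()
        if any(pattern in lowered for pattern in self.suspicious_patterns):
            self.log_suspicious_activity(request)

        # request.user is absent when no earlier middleware has set it;
        # treat that case as anonymous instead of raising AttributeError.
        user = getattr(request, 'user', None)
        if '/dashboard/' in path and user is not None and user.is_authenticated:
            self.log_dashboard_access(request)

        return self.get_response(request)

    def log_suspicious_activity(self, request):
        """Record a request whose path matched ``suspicious_patterns``.

        Authenticated users get a ``UserActivityLog`` row. Anonymous requests
        cannot be attached to a user, so they are written to the module
        logger instead of being dropped silently.
        """
        user = getattr(request, 'user', None)
        if user is not None and user.is_authenticated:
            self._record_activity(request, 'suspicious_access', {
                'suspicious_path': request.path,
                'method': request.method
            })
            return

        # %r escapes control characters in the decoded path, so a crafted URL
        # cannot forge additional log lines.
        logger.warning(
            "Suspicious path requested by unauthenticated client: "
            "ip=%r method=%s path=%r",
            self.get_client_ip(request), request.method, request.path,
        )

    def log_dashboard_access(self, request):
        """Write a ``dashboard_access`` audit row for an authenticated user."""
        self._record_activity(request, 'dashboard_access', {
            'dashboard_path': request.path,
            'user_role': getattr(request.user, 'role', 'unknown')
        })

    def _record_activity(self, request, action, additional_data):
        """Create one ``UserActivityLog`` row for ``request.user``.

        Database errors are not caught here, so a failing audit write
        propagates and fails the request.
        """
        # Imported lazily to avoid a circular import with accounts.models.
        from accounts.models import UserActivityLog
        UserActivityLog.objects.create(
            user=request.user,
            action=action,
            ip_address=self.get_client_ip(request),
            # Client-supplied header; capped at 500 characters before storage.
            user_agent=request.META.get('HTTP_USER_AGENT', '')[:500],
            additional_data=additional_data
        )

    def get_client_ip(self, request):
        """Return the best-effort client address for audit records.

        Uses the left-most ``X-Forwarded-For`` entry when it parses as an IP
        address, otherwise ``REMOTE_ADDR`` (which may be ``None``).

        The header is set by the client unless a trusted proxy overwrites it,
        so the result is a hint for log entries and must not drive
        authorization or rate-limiting decisions.
        """
        import ipaddress

        remote_addr = request.META.get('REMOTE_ADDR')
        forwarded = request.META.get('HTTP_X_FORWARDED_FOR')
        if not forwarded:
            return remote_addr

        # Entries are comma-separated and usually padded with spaces.
        candidate = forwarded.split(',')[0].strip()
        try:
            ipaddress.ip_address(candidate)
        except ValueError:
            # Never store arbitrary header text as an address; fall back to
            # the address of the directly connected peer.
            return remote_addr
        return candidate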
