from functools import lru_cache
from typing import List

from pydantic_settings import BaseSettings, SettingsConfigDict


class Settings(BaseSettings):
    model_config = SettingsConfigDict(env_file=".env", env_file_encoding="utf-8", extra="ignore")

    app_name: str = "Insurance Agent Policy Management"
    app_env: str = "development"
    debug: bool = True
    secret_key: str = "change-me"
    access_token_expire_minutes: int = 30
    refresh_token_expire_days: int = 7
    database_url: str = "mysql+pymysql://root:password@localhost:3306/agent_db"
    cors_origins: str = "http://localhost:3000"
    upload_dir: str = "uploads"
    storage_backend: str = "local"  # local | s3
    s3_endpoint_url: str = ""
    s3_bucket: str = ""
    s3_access_key: str = ""
    s3_secret_key: str = ""
    s3_region: str = "us-east-1"
    s3_key_prefix: str = "policies"
    log_json: bool = False
    log_dir: str = "logs"
    log_errors_to_file: bool = True
    scheduler_enabled: bool = True
    max_upload_size_mb: int = 10
    extraction_confidence_threshold: float = 0.85
    expiring_soon_days: int = 30
    timezone: str = "Asia/Kolkata"
    seed_admin_email: str = "admin@demo.com"
    seed_admin_password: str = "Admin@123"
    seed_agency_name: str = "Demo Insurance Agency"
    seed_super_admin_email: str = "superadmin@demo.com"
    seed_super_admin_password: str = "Super@123"
    seed_platform_agency_name: str = "Platform Operations"

    # Auth security
    auth_rate_limit_requests: int = 10
    auth_rate_limit_window_seconds: int = 60
    auth_lockout_max_attempts: int = 5
    auth_lockout_minutes: int = 15

    # Email / SMS for password reset OTP
    smtp_host: str = ""
    smtp_port: int = 587
    smtp_username: str = ""
    smtp_password: str = ""
    smtp_from_email: str = ""
    smtp_use_tls: bool = True
    twilio_account_sid: str = ""
    twilio_auth_token: str = ""
    twilio_from_number: str = ""

    # Optional virus scan on PDF upload (ClamAV clamd)
    virus_scan_enabled: bool = False
    virus_scan_required: bool = False
    clamd_host: str = "127.0.0.1"
    clamd_port: int = 3310

    # PDF OCR for scanned/image policies (requires Tesseract + tessdata)
    ocr_enabled: bool = True
    tessdata_prefix: str = ""
    tesseract_cmd: str = ""

    # WhatsApp Business Cloud API (Phase 3)
    whatsapp_cloud_enabled: bool = False
    whatsapp_api_token: str = ""
    whatsapp_phone_number_id: str = ""
    whatsapp_business_account_id: str = ""
    whatsapp_template_name: str = "renewal_reminder"
    whatsapp_template_language: str = "en"
    whatsapp_webhook_verify_token: str = ""
    whatsapp_api_version: str = "v21.0"
    whatsapp_quiet_hours_start: int = 21
    whatsapp_quiet_hours_end: int = 9

    # Push notifications (Phase 2 — mobile prep)
    push_notifications_enabled: bool = False
    fcm_server_key: str = ""
    fcm_project_id: str = ""
    apns_key_id: str = ""
    apns_team_id: str = ""
    apns_bundle_id: str = "com.agentportal.mobile"

    # Mobile sideload updates (APK hosted on this server, outside Play Store)
    mobile_release_enabled: bool = False
    mobile_release_dir: str = ""
    mobile_release_manifest: str = "release.json"

    @property
    def whatsapp_configured(self) -> bool:
        return bool(
            self.whatsapp_cloud_enabled
            and self.whatsapp_api_token
            and self.whatsapp_phone_number_id
            and self.whatsapp_template_name
        )

    @property
    def cors_origin_list(self) -> List[str]:
        return [origin.strip() for origin in self.cors_origins.split(",") if origin.strip()]

    @property
    def use_json_logging(self) -> bool:
        return self.log_json or self.app_env == "production"

    @property
    def is_sqlite(self) -> bool:
        return self.database_url.startswith("sqlite")

    @property
    def max_upload_size_bytes(self) -> int:
        return self.max_upload_size_mb * 1024 * 1024


@lru_cache
def get_settings() -> Settings:
    return Settings()
