import type { AuthUser } from '~~/shared/auth'

export function useAuth() {
  const user = useState<AuthUser | null>('auth:user', () => null)
  const loaded = useState<boolean>('auth:loaded', () => false)
  const loading = useState<boolean>('auth:loading', () => false)
  const apiClient = useApiClient()

  const isAuthenticated = computed(() => Boolean(user.value))
  const isSuperAdmin = computed(() => user.value?.role === 'super_admin')
  const needsOnboarding = computed(() => {
    return Boolean(user.value && (user.value.mustChangePassword || user.value.needsPasskeySetup))
  })

  async function fetchSession(force = false) {
    if (loaded.value && !force) {
      return user.value
    }

    loading.value = true

    try {
      const response = await apiClient<{ user: AuthUser | null }>('/api/auth/me')
      user.value = response.user
      loaded.value = true
      return user.value
    } finally {
      loading.value = false
    }
  }

  function setUser(nextUser: AuthUser | null) {
    user.value = nextUser
    loaded.value = true
  }

  function clearUser() {
    user.value = null
    loaded.value = true
  }

  return {
    user,
    loaded,
    loading,
    isAuthenticated,
    isSuperAdmin,
    needsOnboarding,
    fetchSession,
    refreshSession: () => fetchSession(true),
    setUser,
    clearUser
  }
}