import os
from datetime import timedelta
from pathlib import Path
from dotenv import load_dotenv

load_dotenv()

# Flask Configuration
SECRET_KEY = os.urandom(24)
SESSION_TYPE = 'filesystem'
JSON_AS_ASCII = False
JSONIFY_MIMETYPE = 'application/json; charset=utf-8'
PERMANENT_SESSION_LIFETIME = timedelta(minutes=5)
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_SECURE = False  # Set to True when HTTPS (internal runs HTTP)
SESSION_COOKIE_SAMESITE = 'Lax'
SESSION_COOKIE_NAME = 'admin_session'
SESSION_REFRESH_EACH_REQUEST = False

# Database Configuration
DATABASE_CONFIG = {
    'host': os.getenv("POSTGRES_HOST", "postgres"),
    'port': os.getenv("POSTGRES_PORT", "5432"),
    'dbname': os.getenv("POSTGRES_DB"),
    'user': os.getenv("POSTGRES_USER"),
    'password': os.getenv("POSTGRES_PASSWORD"),
    'options': '-c client_encoding=UTF8'
}

# Backup Configuration
BACKUP_DIR = Path("/app/backups")
BACKUP_DIR.mkdir(exist_ok=True)
BACKUP_ENCRYPTION_KEY = os.getenv("BACKUP_ENCRYPTION_KEY")

# Rate Limiting Configuration
FAIL_MESSAGES = [
    "NOPE!",
    "ACCESS DENIED, TRY HARDER",
    "WRONG! 🚫",
    "COMPUTER SAYS NO",
    "YOU FAILED"
]
MAX_LOGIN_ATTEMPTS = 5
BLOCK_DURATION_HOURS = 24
CAPTCHA_AFTER_ATTEMPTS = 2

# reCAPTCHA Configuration
RECAPTCHA_SITE_KEY = os.getenv('RECAPTCHA_SITE_KEY')
RECAPTCHA_SECRET_KEY = os.getenv('RECAPTCHA_SECRET_KEY')

# Email Configuration
EMAIL_ENABLED = os.getenv("EMAIL_ENABLED", "false").lower() == "true"

# Admin Users (for backward compatibility)
ADMIN_USERS = {
    os.getenv("ADMIN1_USERNAME"): os.getenv("ADMIN1_PASSWORD"),
    os.getenv("ADMIN2_USERNAME"): os.getenv("ADMIN2_PASSWORD")
}

# Scheduler Configuration
SCHEDULER_CONFIG = {
    'backup_hour': 3,
    'backup_minute': 0
}