from flask import Blueprint, render_template, request
from auth.auth_middleware import requires_auth 
from utils.haproxy_config import update_haproxy_config, is_frontend_exist, count_frontends_and_backends

main_bp = Blueprint('main', __name__)

@main_bp.route('/', methods=['GET', 'POST'])
@requires_auth
def index():
    if request.method == 'POST':
        f  = request.form.get
        gl = request.form.getlist
        has = lambda k: k in request.form

        frontend_name = (f('frontend_name', '') or '').strip()
        frontend_ip   = (f('frontend_ip', '') or '').strip()
        frontend_port = (f('frontend_port', '') or '').strip()
        lb_method     = f('lb_method', 'roundrobin')
        protocol      = f('protocol', '')  # 'http' / 'tcp'

        backend_name  = (f('backend_name', '') or '').strip()

        add_header  = has('add_header')
        header_name = (f('header_name', '') or '').strip() if add_header else ''
        header_value= (f('header_value', '') or '').strip() if add_header else ''

        backend_server_names   = gl('backend_server_names[]')
        backend_server_ips     = gl('backend_server_ips[]')
        backend_server_ports   = gl('backend_server_ports[]')
        backend_server_maxconns= gl('backend_server_maxconns[]')

        is_acl          = has('add_acl')
        acl_name        = (f('acl', '') or '').strip() if is_acl else ''
        acl_action      = (f('acl_action', '') or '').strip() if is_acl else ''
        acl_backend_name= (f('backend_name_acl', '') or '').strip() if is_acl else ''

        use_ssl       = has('ssl_checkbox')
        ssl_cert_path = (f('ssl_cert_path', '') or '').strip() if use_ssl else ''
        https_redirect= has('ssl_redirect_checkbox') and use_ssl

        is_dos        = has('add_dos')
        ban_duration  = (f('ban_duration', '') or '').strip() if is_dos else ''
        limit_requests= (f('limit_requests', '') or '').strip() if is_dos else ''

        forward_for = has('forward_for_check') and protocol == 'http'

        is_forbidden_path = has('add_acl_path') and protocol == 'http'
        forbidden_name = (f('forbidden_name', '') or '').strip() if is_forbidden_path else ''
        allowed_ip     = (f('allowed_ip', '') or '').strip() if is_forbidden_path else ''
        forbidden_path = (f('forbidden_path', '') or '').strip() if is_forbidden_path else ''

        if protocol == 'http':
            sql_injection_check = has('sql_injection_check')
            is_xss              = has('xss_check')
            is_remote_upload    = has('remote_uploads_check')
            is_webshells        = has('webshells_check')
        else:
            sql_injection_check = False
            is_xss              = False
            is_remote_upload    = False
            is_webshells        = False

        add_path_based = has('add_path_based') and protocol == 'http'
        redirect_domain_name = (f('redirect_domain_name', '') or '').strip() if add_path_based else ''
        root_redirect        = (f('root_redirect', '/') or '/').strip() if add_path_based else ''
        redirect_to          = (f('redirect_to', '') or '').strip() if add_path_based else ''

        if protocol == 'http':
            health_check = has('health_check')
            health_check_link = (f('health_check_link', '') or '').strip() if health_check else ''
            health_check_tcp = False
        elif protocol == 'tcp':
            health_check = False
            health_check_link = ""
            health_check_tcp = has('health_check2')
        else:
            health_check = False
            health_check_link = ""
            health_check_tcp = False

        sticky_session = has('sticky_session')
        sticky_session_type = (f('sticky_session_type', '') or '').strip() if sticky_session else ''

        backend_servers = []
        max_len = max(len(backend_server_ips), len(backend_server_ports), len(backend_server_names), len(backend_server_maxconns))
        for i in range(max_len):
            name   = backend_server_names[i] if i < len(backend_server_names) else f"server{i+1}"
            ip     = backend_server_ips[i]   if i < len(backend_server_ips)   else ''
            port   = backend_server_ports[i] if i < len(backend_server_ports) else ''
            maxc   = backend_server_maxconns[i] if i < len(backend_server_maxconns) else None
            if ip and port:
                backend_servers.append((name, ip, port, maxc))

        if not frontend_name or not frontend_ip or not frontend_port or not backend_name:
            return render_template('index.html', message="Brak wymaganych pól (nazwa/IP/port frontendu, nazwa backendu).")

        if is_frontend_exist(frontend_name, frontend_ip, frontend_port):
            return render_template('index.html', message="Frontend or Port already exists. Cannot add duplicate.")

        message = update_haproxy_config(
            frontend_name, frontend_ip, frontend_port, lb_method, protocol, backend_name, 
            backend_servers, health_check, health_check_tcp, health_check_link, sticky_session,
            add_header, header_name, header_value, sticky_session_type, is_acl, acl_name,
            acl_action, acl_backend_name, use_ssl, ssl_cert_path, https_redirect, is_dos, 
            ban_duration, limit_requests, forward_for, is_forbidden_path, forbidden_name, 
            allowed_ip, forbidden_path, sql_injection_check, is_xss, is_remote_upload, 
            add_path_based, redirect_domain_name, root_redirect, redirect_to, is_webshells
        )
        return render_template('index.html', message=message)

    return render_template('index.html')


@main_bp.route('/home')
@requires_auth
def home():
    frontend_count, backend_count, acl_count, layer7_count, layer4_count = count_frontends_and_backends()
    return render_template('home.html', 
                         frontend_count=frontend_count, 
                         backend_count=backend_count, 
                         acl_count=acl_count,
                         layer7_count=layer7_count, 
                         layer4_count=layer4_count)