package routes

import (
	"bytes"
	"context"
	"io"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
)

const (
	anthropicEventLoggingURL = "https://api.anthropic.com/api/event_logging/batch"
	eventLoggingForwardTimeout = 8 * time.Second
)

// RegisterCommonRoutes 注册通用路由（健康检查、状态等）
func RegisterCommonRoutes(r *gin.Engine) {
	// 健康检查
	r.GET("/health", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{"status": "ok"})
	})

	// Claude Code 遥测日志：清理敏感字段后转发给 Anthropic。
	// 删除 baseUrl/gateway 字段防止网关地址暴露（见 FINGERPRINT_SECURITY_REPORT.md §GAP-1/2）。
	// 转发而非丢弃，避免"高流量零遥测"异常被检测。
	r.POST("/api/event_logging/batch", func(c *gin.Context) {
		body, err := io.ReadAll(c.Request.Body)
		if err != nil || len(body) == 0 {
			c.Status(http.StatusOK)
			return
		}

		sanitized := sanitizeEventBatch(body)

		ctx, cancel := context.WithTimeout(c.Request.Context(), eventLoggingForwardTimeout)
		defer cancel()

		req, err := http.NewRequestWithContext(ctx, http.MethodPost, anthropicEventLoggingURL, bytes.NewReader(sanitized))
		if err != nil {
			c.Status(http.StatusOK)
			return
		}
		req.Header.Set("Content-Type", "application/json")
		// 透传客户端的 Authorization header（OAuth Bearer token）
		if auth := c.GetHeader("Authorization"); auth != "" {
			req.Header.Set("Authorization", auth)
		}

		resp, err := http.DefaultClient.Do(req)
		if err == nil {
			resp.Body.Close()
		}
		c.Status(http.StatusOK)
	})

	// Setup status endpoint (always returns needs_setup: false in normal mode)
	// This is used by the frontend to detect when the service has restarted after setup
	r.GET("/setup/status", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{
			"code": 0,
			"data": gin.H{
				"needs_setup": false,
				"step":        "completed",
			},
		})
	})
}