"""Trading Platform REST API."""

import logging
from contextlib import asynccontextmanager

from fastapi import Depends, FastAPI
from fastapi.middleware.cors import CORSMiddleware
from slowapi import Limiter, _rate_limit_exceeded_handler
from slowapi.errors import RateLimitExceeded
from slowapi.util import get_remote_address

from shared.config import Settings
from shared.db import Database

from trading_api.dependencies.auth import verify_token
from trading_api.routers import orders, portfolio, strategies

logger = logging.getLogger(__name__)


@asynccontextmanager
async def lifespan(app: FastAPI):
    settings = Settings()
    if not settings.api_auth_token.get_secret_value():
        logger.warning("API_AUTH_TOKEN not set — authentication is disabled")
    app.state.db = Database(settings.database_url.get_secret_value())
    await app.state.db.connect()
    yield
    await app.state.db.close()


cfg = Settings()

limiter = Limiter(key_func=get_remote_address)

app = FastAPI(
    title="Trading Platform API",
    version="0.1.0",
    lifespan=lifespan,
)

app.state.limiter = limiter
app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)

app.add_middleware(
    CORSMiddleware,
    allow_origins=cfg.cors_origins.split(","),
    allow_methods=["GET", "POST"],
    allow_headers=["Authorization", "Content-Type"],
)

app.include_router(
    portfolio.router,
    prefix="/api/v1/portfolio",
    tags=["portfolio"],
    dependencies=[Depends(verify_token)],
)
app.include_router(
    orders.router,
    prefix="/api/v1/orders",
    tags=["orders"],
    dependencies=[Depends(verify_token)],
)
app.include_router(
    strategies.router,
    prefix="/api/v1/strategies",
    tags=["strategies"],
    dependencies=[Depends(verify_token)],
)


@app.get("/health")
async def health():
    return {"status": "ok"}