"""Login und Captcha Routes"""
from flask import Blueprint, request, jsonify, session
from auth import generate_captcha, verify_captcha, check_admin_password

auth_bp = Blueprint('auth', __name__)

@auth_bp.route('/api/captcha', methods=['GET'])
def get_captcha():
    captcha = generate_captcha()
    # captcha enthaelt jetzt 'image' und 'token' (kein 'answer' mehr)
    return jsonify({"image": captcha["image"], "token": captcha["token"]})

@auth_bp.route('/api/admin/login', methods=['POST'])
def admin_login():
    data = request.get_json() or {}
    password = data.get('password', '')
    
    if check_admin_password(password):
        session['user_role'] = 'admin'
        session['login_time'] = __import__('time').time()
        return jsonify({"status": "ok", "role": "admin"})
    return jsonify({"error": "Invalid credentials"}), 401

@auth_bp.route('/api/admin/logout', methods=['POST'])
def admin_logout():
    session.pop('user_role', None)
    session.pop('login_time', None)
    return jsonify({"status": "ok"})

@auth_bp.route('/api/session', methods=['GET'])
def check_session():
    role = session.get('user_role')
    if role:
        return jsonify({"role": role, "logged_in": True})
    return jsonify({"logged_in": False})