package db

import (
	"ca-mini/internal/config"
	"database/sql"
	"fmt"
	"log"

	_ "github.com/go-sql-driver/mysql"
)

var (
	// DB 数据库连接
	DB *sql.DB
)

// InitDB 初始化数据库连接
func InitDB() error {
	cfg, err := config.Load()
	if err != nil {
		return fmt.Errorf("failed to load config: %v", err)
	}

	// 构建数据库连接字符串
	dsn := fmt.Sprintf("%s:%s@%s",
		cfg.Datasource.Username,
		cfg.Datasource.Password,
		cfg.Datasource.Url,
	)

	// fmt.Println("dsn: ", dsn)

	// 打开数据库连接
	db, err := sql.Open("mysql", dsn)
	if err != nil {
		return fmt.Errorf("failed to open database connection: %v", err)
	}

	// 测试连接
	if err := db.Ping(); err != nil {
		return fmt.Errorf("failed to ping database: %v", err)
	}

	DB = db
	log.Println("Database connection established")

	// 创建表
	if err := createTables(); err != nil {
		return fmt.Errorf("failed to create tables: %v", err)
	}

	return nil
}

// CloseDB 关闭数据库连接
func CloseDB() {
	if DB != nil {
		err := DB.Close()
		if err != nil {
			log.Printf("Failed to close database connection: %v", err)
		} else {
			log.Println("Database connection closed")
		}
	}
}

// createTables 创建数据库表
func createTables() error {
	// 创建 certificates 表
	createCertificatesTable := `
	CREATE TABLE IF NOT EXISTS certificates (
		id VARCHAR(64) PRIMARY KEY,
		serial_number VARCHAR(255) NOT NULL UNIQUE,
		cert_cn VARCHAR(255) NOT NULL,
		cert_dn VARCHAR(255) NOT NULL,
		cert_version VARCHAR(255) NOT NULL,
		public_key_alg VARCHAR(255) NOT NULL,
		signature_alg VARCHAR(255) NOT NULL,
		issuer_cn VARCHAR(255) NOT NULL,
		issuer_dn VARCHAR(255) NOT NULL,
		cert_sub_alt_name VARCHAR(255) NOT NULL,
		algorithm VARCHAR(50) NOT NULL,
		key_length INT NOT NULL,
		csr TEXT NOT NULL,
		private_key TEXT NOT NULL,
		certificate TEXT NOT NULL,
		valid_from DATETIME NOT NULL,
		valid_to DATETIME NOT NULL,
		created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
		updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
	);
	`

	// 创建 blacklist 表
	createBlacklistTable := `
	CREATE TABLE IF NOT EXISTS blacklist (
		id INT AUTO_INCREMENT PRIMARY KEY,
		serial_number VARCHAR(255) NOT NULL UNIQUE,
		revoked_at DATETIME DEFAULT CURRENT_TIMESTAMP,
		revoked_by VARCHAR(255) NOT NULL,
		reason TEXT
	);
	`

	// 创建 users 表（可选）
	createUsersTable := `
	CREATE TABLE IF NOT EXISTS users (
		id INT AUTO_INCREMENT PRIMARY KEY,
		username VARCHAR(255) NOT NULL UNIQUE,
		password_hash VARCHAR(255) NOT NULL,
		role VARCHAR(50) NOT NULL DEFAULT 'user',
		created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
		updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
	);
	`

	// 执行 SQL 语句
	_, err := DB.Exec(createCertificatesTable)
	if err != nil {
		return fmt.Errorf("failed to create certificates table: %v", err)
	}

	_, err = DB.Exec(createBlacklistTable)
	if err != nil {
		return fmt.Errorf("failed to create blacklist table: %v", err)
	}

	_, err = DB.Exec(createUsersTable)
	if err != nil {
		return fmt.Errorf("failed to create users table: %v", err)
	}

	log.Println("Tables created successfully")
	return nil
}