from flask import Flask, render_template, request, jsonify, session
from google_auth_oauthlib.flow import InstalledAppFlow
from google.oauth2.credentials import Credentials
from googleapiclient.discovery import build
from googleapiclient.http import MediaIoBaseUpload
from google.auth.transport.requests import Request
import pickle
import os
import io
import datetime

app = Flask(__name__)
app.secret_key = 'your-secret-key'  # Change this to a random secure string

# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/spreadsheets', 
          'https://www.googleapis.com/auth/drive.file']

SPREADSHEET_ID = '1rcIJflbC1VIc70F6dnASLFvGQ90TXHhCx0iyxsXR7Ww'
FOLDER_ID = '1brmLNqOMCvRS0TDY6ECHvIBmlRx8pcPz'

def get_google_auth():
    creds = None
    # The file token.pickle stores the user's access and refresh tokens
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)
    
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'client_secret.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)
    
    return creds

# HTML template (same as before)
HTML_TEMPLATE = '''
<!DOCTYPE html>
<html>
<head>
    <title>Purchase Record Form</title>
    <style>
        body { font-family: Arial, sans-serif; margin: 20px; max-width: 600px; margin: 0 auto; }
        .form-group { margin-bottom: 15px; }
        label { display: block; margin-bottom: 5px; }
        input { width: 100%; padding: 8px; margin-bottom: 10px; border: 1px solid #ddd; border-radius: 4px; }
        button { background-color: #4CAF50; color: white; padding: 10px 20px; border: none; border-radius: 4px; cursor: pointer; }
        button:hover { background-color: #45a049; }
        #status { margin-top: 20px; padding: 10px; display: none; }
        .success { background-color: #dff0d8; color: #3c763d; }
        .error { background-color: #f2dede; color: #a94442; }
    </style>
</head>
<body>
    <h2>Purchase Record Form</h2>
    <form id="purchaseForm">
        <div class="form-group">
            <label for="name">Name:</label>
            <input type="text" id="name" name="name" required>
        </div>
        
        <div class="form-group">
            <label for="studentId">Student ID (學號):</label>
            <input type="text" id="studentId" name="studentId" required>
        </div>
        
        <div class="form-group">
            <label for="product">Product:</label>
            <input type="text" id="product" name="product" required>
        </div>
        
        <div class="form-group">
            <label for="cost">Cost:</label>
            <input type="number" id="cost" name="cost" required>
        </div>
        
        <div class="form-group">
            <label for="receipt">Receipt (發票):</label>
            <input type="file" id="receipt" name="receipt" required>
        </div>
        
        <button type="submit">Submit</button>
    </form>
    <div id="status"></div>

    <script>
        document.getElementById('purchaseForm').addEventListener('submit', async (e) => {
            e.preventDefault();
            
            const status = document.getElementById('status');
            status.style.display = 'block';
            status.textContent = 'Submitting...';
            status.className = '';
            
            const formData = new FormData(e.target);
            
            try {
                const response = await fetch('/submit', {
                    method: 'POST',
                    body: formData
                });
                
                const result = await response.json();
                
                if (result.success) {
                    status.className = 'success';
                    status.textContent = result.message;
                    e.target.reset();
                } else {
                    status.className = 'error';
                    status.textContent = result.message;
                }
            } catch (error) {
                status.className = 'error';
                status.textContent = 'Error submitting form';
            }
        });
    </script>
</body>
</html>
'''

@app.route('/')
def index():
    return HTML_TEMPLATE

@app.route('/submit', methods=['POST'])
def submit():
    try:
        # Get form data
        name = request.form['name']
        student_id = request.form['studentId']
        product = request.form['product']
        cost = request.form['cost']
        file = request.files['receipt']

        # Get Google credentials
        creds = get_google_auth()

        # Upload file to Drive
        drive_service = build('drive', 'v3', credentials=creds)
        
        file_metadata = {
            'name': file.filename,
            'parents': [FOLDER_ID]
        }
        
        media = MediaIoBaseUpload(
            io.BytesIO(file.read()),
            mimetype=file.content_type,
            resumable=True
        )
        
        uploaded_file = drive_service.files().create(
            body=file_metadata,
            media_body=media,
            fields='id,webViewLink'
        ).execute()
        
        file_url = uploaded_file.get('webViewLink', '')

        # Update Google Sheet
        sheets_service = build('sheets', 'v4', credentials=creds)
        
        timestamp = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
        ip_address = request.remote_addr

        values = [[name, student_id, product, cost, file_url, timestamp, ip_address]]
        body = {'values': values}
        
        sheets_service.spreadsheets().values().append(
            spreadsheetId=SPREADSHEET_ID,
            range='Sheet1!A:G',
            valueInputOption='USER_ENTERED',
            body=body
        ).execute()

        return jsonify({'success': True, 'message': 'Data submitted successfully!'})

    except Exception as e:
        return jsonify({'success': False, 'message': f'Error: {str(e)}'})

if __name__ == '__main__':
    os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'  # Only for development
    app.run(host='0.0.0.0', port=7860)