# modules/auth.py - Authentication functions
import streamlit as st
import hashlib
from .database import Session, User

def init_session_state():
    """Initialize session state variables"""
    if 'logged_in' not in st.session_state:
        st.session_state.logged_in = False
        st.session_state.user_role = None
        st.session_state.user_id = None
        st.session_state.username = None

def show_login_page():
    """Display login page"""
    st.sidebar.header("Login")
    
    with st.sidebar.form("login_form"):
        username = st.text_input("Username")
        password = st.text_input("Password", type="password")
        submit = st.form_submit_button("Login")
        
        if submit:
            if authenticate_user(username, password):
                st.rerun()
            else:
                st.error("Invalid username or password")
    
    st.info("Default login: **admin** / **admin123**")

def authenticate_user(username, password):
    """Authenticate user credentials"""
    session = Session()
    user = session.query(User).filter_by(email=username).first()
    
    if user and user.password_hash == hashlib.sha256(password.encode()).hexdigest():
        st.session_state.logged_in = True
        st.session_state.user_role = user.role
        st.session_state.user_id = user.id
        st.session_state.username = user.name
        session.close()
        return True
    
    session.close()
    return False

def logout():
    """Logout user"""
    st.session_state.logged_in = False
    st.session_state.user_role = None
    st.session_state.user_id = None
    st.session_state.username = None