# app/blueprints/media.py
import os
from flask import Blueprint, current_app, send_from_directory, abort

from media_tokens import verify_media_token

bp = Blueprint("media", __name__)


@bp.get("/media/<path:token_or_file>", endpoint="media")
def media(token_or_file: str):
    upload_dir = current_app.config["UPLOAD_DIR"]
    urlprop_dir = current_app.config["URLPROP_DIR"]

    # 1) Allow .txt verification files under /media/
    if token_or_file.lower().endswith(".txt"):
        full = os.path.join(urlprop_dir, token_or_file)
        if not os.path.exists(full):
            abort(404)
        return send_from_directory(urlprop_dir, token_or_file, as_attachment=False, mimetype="text/plain")

    # 2) Normal signed token flow for mp4
    payload = verify_media_token(token_or_file, current_app.config["MEDIA_SIGNING_SECRET"])
    if not payload:
        abort(403)

    filename = payload.get("f")
    if not filename:
        abort(400)

    # prevent path traversal
    if "/" in filename or "\\" in filename or ".." in filename:
        abort(400)

    full_path = os.path.join(upload_dir, filename)
    if not os.path.exists(full_path):
        abort(404)

    return send_from_directory(upload_dir, filename, as_attachment=False, mimetype="video/mp4")