"""
Rate limiting middleware for the OpenEventDatabase.
"""

import time
import threading
import falcon
from collections import defaultdict
from oedb.utils.logging import logger

class RateLimitMiddleware:
    """
    Middleware that implements rate limiting to prevent API abuse.
    
    This middleware tracks request rates by IP address and rejects requests
    that exceed defined limits. It helps protect the API from abuse and
    ensures fair usage.
    """
    
    def __init__(self, window_size=60, max_requests=60):
        """
        Initialize the middleware with rate limiting settings.
        
        Args:
            window_size: Time window in seconds for rate limiting.
            max_requests: Maximum number of requests allowed per IP in the window.
        """
        self.window_size = window_size
        self.max_requests = max_requests
        
        # Store request timestamps by IP
        self.requests = defaultdict(list)
        
        # Lock for thread safety
        self.lock = threading.Lock()
        
        # Define rate limit rules for different endpoints
        # Format: (endpoint_prefix, method, max_requests)
        self.rate_limit_rules = [
            # Limit POST requests to /event to 10 per minute
            ('/event', 'POST', 10),
            # Limit POST requests to /event/search to 20 per minute
            ('/event/search', 'POST', 20),
            # Limit DELETE requests to /event to 5 per minute
            ('/event', 'DELETE', 5),
        ]
        
        logger.info(f"Rate limiting initialized: {max_requests} requests per {window_size} seconds")
    
    def process_request(self, req, resp):
        """
        Process the request and apply rate limiting.
        
        Args:
            req: The request object.
            resp: The response object.
        
        Raises:
            falcon.HTTPTooManyRequests: If the rate limit is exceeded.
        """
        # Get client IP address
        client_ip = self._get_client_ip(req)
        
        # Skip rate limiting for local requests (for development)
        if client_ip in ('127.0.0.1', 'localhost', '::1'):
            return
        
        # Get the appropriate rate limit for this endpoint
        max_requests = self._get_max_requests(req)
        
        # Check if the rate limit is exceeded
        with self.lock:
            # Clean up old requests
            self._clean_old_requests(client_ip)
            
            # Count recent requests
            recent_requests = len(self.requests[client_ip])
            
            # Check if the rate limit is exceeded
            if recent_requests >= max_requests:
                logger.warning(f"Rate limit exceeded for IP {client_ip}: {recent_requests} requests in {self.window_size} seconds")
                retry_after = self.window_size - (int(time.time()) - self.requests[client_ip][0])
                retry_after = max(1, retry_after)  # Ensure retry_after is at least 1 second
                
                # Add the request to the log for tracking abuse patterns
                self._log_rate_limit_exceeded(client_ip, req)
                
                # Raise an exception to reject the request
                raise falcon.HTTPTooManyRequests(
                    title="Rate limit exceeded",
                    description=f"You have exceeded the rate limit of {max_requests} requests per {self.window_size} seconds",
                    headers={'Retry-After': str(retry_after)}
                )
            
            # Add the current request timestamp
            self.requests[client_ip].append(int(time.time()))
    
    def _get_client_ip(self, req):
        """
        Get the client IP address from the request.
        
        Args:
            req: The request object.
            
        Returns:
            str: The client IP address.
        """
        # Try to get the real IP from X-Forwarded-For header (if behind a proxy)
        forwarded_for = req.get_header('X-Forwarded-For')
        if forwarded_for:
            # The client IP is the first address in the list
            return forwarded_for.split(',')[0].strip()
        
        # Fall back to the remote_addr
        return req.remote_addr or '0.0.0.0'
    
    def _clean_old_requests(self, client_ip):
        """
        Remove request timestamps that are outside the current window.
        
        Args:
            client_ip: The client IP address.
        """
        if client_ip not in self.requests:
            return
        
        current_time = int(time.time())
        cutoff_time = current_time - self.window_size
        
        # Keep only requests within the current window
        self.requests[client_ip] = [t for t in self.requests[client_ip] if t > cutoff_time]
        
        # Remove the IP from the dictionary if there are no recent requests
        if not self.requests[client_ip]:
            del self.requests[client_ip]
    
    def _get_max_requests(self, req):
        """
        Determine the maximum requests allowed for the current endpoint.
        
        Args:
            req: The request object.
            
        Returns:
            int: The maximum number of requests allowed.
        """
        # Check if the request matches any rate limit rules
        for endpoint, method, max_requests in self.rate_limit_rules:
            if req.path.startswith(endpoint) and req.method == method:
                return max_requests
        
        # Default to the global max_requests
        return self.max_requests
    
    def _log_rate_limit_exceeded(self, client_ip, req):
        """
        Log details when a rate limit is exceeded for analysis.
        
        Args:
            client_ip: The client IP address.
            req: The request object.
        """
        logger.warning(
            f"Rate limit exceeded: IP={client_ip}, "
            f"Method={req.method}, Path={req.path}, "
            f"User-Agent={req.get_header('User-Agent', 'Unknown')}"
        )