from flask import Blueprint, request, session, redirect, flash
import json
from auth import require_level
import sanitize

bp = Blueprint('action_save_preferences', __name__)

DATA_DIR      = '/data'
ACCOUNTS_FILE = f'{DATA_DIR}/authorized_accounts.json'


def _load_accounts():
    try:
        with open(ACCOUNTS_FILE) as f:
            return json.load(f)
    except Exception:
        return {'accounts': []}

def _save_accounts(data):
    with open(ACCOUNTS_FILE, 'w') as f:
        json.dump(data, f, indent=2)


@bp.route('/action/save_preferences', methods=['POST'])
@require_level('viewer')
def save_preferences():
    tz = sanitize.timezone(request.form.get('timezone', '').strip())

    if not tz:
        flash('Timezone is required.', 'error')
        return redirect('/view/view_preferences')

    email    = session.get('email_address', '').lower()
    data     = _load_accounts()
    accounts = data.get('accounts', [])
    account  = next((a for a in accounts if a.get('email_address', '').lower() == email), None)

    if account is None:
        flash('Account not found. Please log in again.', 'error')
        return redirect('/view/view_log_in')

    account['timezone'] = tz
    _save_accounts(data)

    session['timezone'] = tz

    flash('Preferences saved.', 'success')
    return redirect('/view/view_preferences')