/**
 * Single-file Cloudflare Worker: Video CMS
 * - Routes:
 *   GET  /              → public gallery (HTML)
 *   GET  /admin         → admin panel (HTML)
 *   GET  /api/videos    → list videos (public)
 *   POST /api/videos    → add video (auth: Bearer ADMIN_TOKEN)
 *   DELETE /api/videos  → delete by id (auth)
 *
 * Bindings required:
 *   KV:     VIDEOS
 *   Secret: ADMIN_TOKEN
 */
export default {
  async fetch(request, env, ctx) {
    const url = new URL(request.url);
    const path = url.pathname;

    // Simple router
    if (request.method === "GET" && (path === "/" || path === "/index.html")) {
      return html(indexHTML());
    }
    if (request.method === "GET" && (path === "/admin" || path === "/admin.html")) {
      return html(adminHTML());
    }

    if (path === "/api/videos") {
      if (request.method === "GET") {
        const list = await getList(env);
        return json(list);
      }
      if (request.method === "POST") {
        if (!isAuthorized(request, env)) return unauthorized();
        let body;
        try { body = await request.json(); }
        catch { return badRequest("Invalid JSON"); }
        const { title, url } = body || {};
        if (!title || !url) return badRequest("Missing title or url");
        const list = await getList(env);
        const item = {
          id: String(Date.now()),
          title: String(title).trim(),
          url: String(url).trim(),
          addedAt: Date.now(),
        };
        list.unshift(item);
        await env.VIDEOS.put("videos", JSON.stringify(list));
        return json(item, 201);
      }
      if (request.method === "DELETE") {
        if (!isAuthorized(request, env)) return unauthorized();
        const id = url.searchParams.get("id");
        if (!id) return badRequest("Missing id");
        const list = await getList(env);
        const next = list.filter(v => v.id !== id);
        await env.VIDEOS.put("videos", JSON.stringify(next));
        return json({ ok: true });
      }
    }

    return new Response("Not Found", { status: 404 });
  }
};

// ===== helpers =====
async function getList(env) {
  const raw = await env.VIDEOS.get("videos");
  if (!raw) return [];
  try { return JSON.parse(raw); } catch { return []; }
}
function isAuthorized(request, env) {
  const auth = request.headers.get("authorization") || "";
  const token = auth.startsWith("Bearer ") ? auth.slice(7) : "";
  return env.ADMIN_TOKEN && token && token === env.ADMIN_TOKEN;
}
function json(data, status = 200, extra = {}) {
  return new Response(JSON.stringify(data), {
    status,
    headers: { "content-type": "application/json", ...extra }
  });
}
function html(body, status = 200) {
  return new Response(body, {
    status,
    headers: {
      "content-type": "text/html; charset=utf-8",
      "x-content-type-options": "nosniff"
    }
  });
}
function badRequest(msg) { return json({ error: msg }, 400); }
function unauthorized() { return new Response("Unauthorized", { status: 401 }); }

// ===== inline HTML (public) =====
function indexHTML() {
  return `<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<title>My Video Site</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600;800&display=swap" rel="stylesheet">
<style>
:root { --max: 1100px; }
* { box-sizing: border-box; }
body { margin:0; font-family: Inter, system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif; background:#0b0f19; color:#e6e8ef; }
header { border-bottom:1px solid #1b2233; background:#0f1424; }
.wrap { max-width:var(--max); margin:0 auto; padding:18px 16px; }
h1 { margin:0; font-size:22px; letter-spacing:.2px; }
.grid { max-width:var(--max); margin:22px auto; padding:0 16px 40px; display:grid; grid-template-columns:repeat(auto-fill,minmax(310px,1fr)); gap:18px; }
.card { border:1px solid #1b2233; background:#0f1424; border-radius:16px; padding:14px; box-shadow:0 4px 24px rgba(0,0,0,.25); }
.title { font-weight:600; margin:6px 4px 10px; font-size:16px; color:#f2f4f8; }
iframe, video { width:100%; height:200px; border:none; border-radius:12px; background:#000; }
.empty { opacity:.8; text-align:center; margin:60px 0 80px; }
footer { opacity:.7; font-size:12px; text-align:center; padding:30px 0; }
a { color:#9bc2ff; text-decoration:none; }
.searchbar { max-width:var(--max); margin:16px auto 0; padding:0 16px; }
.searchbar input { width:100%; padding:12px 14px; border-radius:12px; border:1px solid #1b2233; outline:none; background:#0f1424; color:#e6e8ef; }
</style>
</head>
<body>
<header>
  <div class="wrap">
    <h1>🎬 My Video Site</h1>
    <div style="margin-top:8px;font-size:13px;opacity:.8">
      <a href="/admin">Admin</a>
    </div>
  </div>
</header>

<div class="searchbar">
  <input id="q" placeholder="Search videos by title..." />
</div>

<main class="grid" id="grid"></main>

<div class="empty" id="empty" style="display:none">
  <p>No videos yet. Add some from the <a href="/admin">Admin</a> panel.</p>
</div>

<footer>Powered by Cloudflare Workers + KV</footer>

<script>
async function fetchVideos() {
  const res = await fetch('/api/videos');
  if (!res.ok) { console.error('Failed to load videos'); return []; }
  return res.json();
}
function toEmbed(url) {
  try {
    const u = new URL(url);
    const host = u.hostname.replace('www.', '');
    if (host.includes('youtube.com') || host.includes('youtu.be')) {
      let id = u.searchParams.get('v');
      if (!id && host.includes('youtu.be')) id = u.pathname.slice(1);
      return 'https://www.youtube.com/embed/' + id;
    }
    if (host.includes('vimeo.com')) {
      const id = u.pathname.split('/').filter(Boolean)[0];
      return 'https://player.vimeo.com/video/' + id;
    }
    if (host.includes('dailymotion.com')) {
      const parts = u.pathname.split('/video/');
      if (parts[1]) {
        const id = parts[1].split('_')[0];
        return 'https://www.dailymotion.com/embed/video/' + id;
      }
    }
    if (u.pathname.endsWith('.mp4')) return url;
    return url;
  } catch(e) { return url; }
}
function render(videos) {
  const grid = document.getElementById('grid');
  const empty = document.getElementById('empty');
  grid.innerHTML = '';
  if (!videos.length) { empty.style.display = 'block'; return; }
  empty.style.display = 'none';
  const q = (document.getElementById('q').value || '').toLowerCase();
  videos
    .filter(v => v.title.toLowerCase().includes(q))
    .forEach(v => {
      const card = document.createElement('div');
      card.className = 'card';
      const embed = toEmbed(v.url);
      const isMp4 = embed.endsWith('.mp4');
      const media = isMp4
        ? '<video controls src=\"' + embed + '\" preload=\"metadata\"></video>'
        : '<iframe src=\"' + embed + '\" allowfullscreen loading=\"lazy\"></iframe>';
      card.innerHTML = '<div class=\"title\">' + v.title + '</div>' + media;
      grid.appendChild(card);
    });
}
(async () => {
  const videos = await fetchVideos();
  window._videos = videos;
  render(videos);
  document.getElementById('q').addEventListener('input', () => render(window._videos || []));
})();
</script>
</body>
</html>`;
}

// ===== inline HTML (admin) =====
function adminHTML() {
  return `<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<title>Admin • My Video Site</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600;800&display=swap" rel="stylesheet">
<style>
:root { --max: 900px; }
* { box-sizing: border-box; }
body { margin:0; font-family: Inter, system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif; background:#0b0f19; color:#e6e8ef; }
header { border-bottom:1px solid #1b2233; background:#0f1424; }
.wrap { max-width:var(--max); margin:0 auto; padding:18px 16px; }
h1 { margin:0; font-size:22px; letter-spacing:.2px; }
form, .table, .auth { max-width:var(--max); margin:20px auto; padding:16px; border:1px solid #1b2233; background:#0f1424; border-radius:16px; }
label { display:block; margin:10px 0 6px; font-size:14px; opacity:.9; }
input, button { width:100%; padding:12px 14px; border-radius:12px; border:1px solid #1b2233; outline:none; background:#0f1424; color:#e6e8ef; }
button { cursor:pointer; font-weight:600; margin-top:12px; }
table { width:100%; border-collapse:collapse; font-size:14px; }
th, td { padding:10px; border-bottom:1px solid #1b2233; text-align:left; }
.row-actions button { width:auto; padding:8px 12px; margin-right:8px; }
.muted { font-size:12px; opacity:.8; }
.ok { color:#9fef00; }
.err { color:#ff6b6b; }
</style>
</head>
<body>
<header>
  <div class="wrap">
    <h1>🔐 Admin Panel</h1>
    <div style="margin-top:8px;font-size:13px;opacity:.8"><a href="/">← Back to site</a></div>
  </div>
</header>

<div class="auth" id="auth">
  <label>Admin Token</label>
  <input id="token" type="password" placeholder="Enter ADMIN_TOKEN set in Worker settings" />
  <button id="saveToken">Save Token</button>
  <div class="muted" style="margin-top:8px;">Tip: Saved to your browser (localStorage).</div>
</div>

<form id="addForm">
  <h3 style="margin-top:0">Add New Video</h3>
  <label>Title</label>
  <input id="title" placeholder="e.g., Funny Cats Compilation" />
  <label>Video URL</label>
  <input id="url" placeholder="YouTube/Vimeo page URL or direct .mp4 link" />
  <button type="submit">Add Video</button>
  <div id="addMsg" class="muted"></div>
</form>

<div class="table">
  <h3 style="margin-top:0">All Videos</h3>
  <table>
    <thead><tr><th>Title</th><th>URL</th><th>Added</th><th>Actions</th></tr></thead>
    <tbody id="rows"></tbody>
  </table>
</div>

<script>
function getToken(){ return localStorage.getItem('ADMIN_TOKEN') || ''; }
function setToken(t){ localStorage.setItem('ADMIN_TOKEN', t || ''); }
document.getElementById('saveToken').addEventListener('click', () => {
  setToken(document.getElementById('token').value.trim());
  alert('Token saved.');
});
async function api(path, opts={}) {
  opts.headers = Object.assign({}, opts.headers || {}, {
    'Authorization': 'Bearer ' + getToken(),
    'Content-Type': 'application/json'
  });
  const res = await fetch(path, opts);
  if (!res.ok) throw new Error(await res.text());
  return res.json();
}
function fmt(ts){ try { return new Date(ts).toLocaleString(); } catch { return '-'; } }
function renderRows(videos){
  const tbody = document.getElementById('rows');
  tbody.innerHTML = '';
  videos.forEach(v => {
    const tr = document.createElement('tr');
    tr.innerHTML = \`
      <td>\${v.title}</td>
      <td class="muted" style="max-width:320px; overflow:hidden; text-overflow:ellipsis;">\${v.url}</td>
      <td class="muted">\${fmt(v.addedAt)}</td>
      <td class="row-actions"><button data-id="\${v.id}" class="del">Delete</button></td>
    \`;
    tbody.appendChild(tr);
  });
  [...document.querySelectorAll('.del')].forEach(btn => {
    btn.addEventListener('click', async () => {
      if (!confirm('Delete this video?')) return;
      try { await api('/api/videos?id=' + encodeURIComponent(btn.dataset.id), { method:'DELETE' }); load(); }
      catch (e) { alert('Error: ' + e.message); }
    });
  });
}
async function load(){
  try {
    const list = await fetch('/api/videos').then(r => r.json());
    renderRows(list);
    document.getElementById('addMsg').textContent = '';
  } catch (e) {
    document.getElementById('addMsg').innerHTML = '<span class="err">Failed to load list.</span>';
  }
}
document.getElementById('addForm').addEventListener('submit', async (e) => {
  e.preventDefault();
  const title = document.getElementById('title').value.trim();
  const url = document.getElementById('url').value.trim();
  if (!title || !url) { document.getElementById('addMsg').innerHTML = '<span class="err">Title and URL are required.</span>'; return; }
  try {
    await api('/api/videos', { method:'POST', body: JSON.stringify({ title, url }) });
    document.getElementById('title').value = '';
    document.getElementById('url').value = '';
    document.getElementById('addMsg').innerHTML = '<span class="ok">Added!</span>';
    load();
  } catch (e) {
    document.getElementById('addMsg').innerHTML = '<span class="err">' + e.message + '</span>';
  }
});
document.getElementById('token').value = getToken();
load();
</script>
</body>
</html>`;
}