from pydantic import BaseModel, Field, validator
from typing import Dict, List, Optional, Any
from datetime import datetime
import re

class MemoryItemInput(BaseModel):
    """
    Strict validation for INPUT memories.
    Prevents 'Poison Pills' (Payloads > 1MB, dangerous chars).
    """
    content: str = Field(..., max_length=100000, description="Memory content (max 100kb)")
    source: str = Field(..., max_length=50, pattern=r"^[a-zA-Z0-9_-]+$")
    domain: str = Field(..., max_length=50)
    relations: List[str] = Field(default_factory=list, description="IDs of related memories")
    tags: List[str] = Field(default_factory=list)
    metadata: Optional[Dict[str, Any]] = Field(default_factory=dict)
    
    @validator("content")
    def sanitize_content(cls, v):
        # 1. Prevent null bytes
        if "\0" in v:
            raise ValueError("Content contains null bytes (binary prevention)")
        
        # 2. PATENT P8: Privacy-Preserving Sanitization
        # Mask potentially sensitive patterns
        
        # Anthropic API Key
        v = re.sub(r'sk-ant-api03-[a-zA-Z0-9_-]{90,}', '[MASKED_ANTHROPIC_KEY]', v)
        # Generic API Key/Token patterns
        v = re.sub(r'(?i)(api[_-]key|secret|password|token|credential)["\s:=]+[a-zA-Z0-9]{20,}', r'\1: [MASKED]', v)
        
        return v

class MemoryOutput(BaseModel):
    """Standardized output format."""
    id: str
    content: str
    tier: str
    score: float
    timestamp: str
    stored_in: List[str]
    metadata: Dict[str, Any]

class CortexConfig(BaseModel):
    """Configuration schema for Synapse."""
    redis_host: str
    qdrant_host: str
    qdrant_key: str
    ssl_enabled: bool = True