import requests


class PicAPIClient:
    def __init__(self, base_url: str):
        self.base = base_url
        self.s = requests.Session()
        self.s.headers['Content-Type'] = 'application/json'

    def login(self, username: str, password: str) -> dict:
        r = self.s.post(f"{self.base}/api/auth/login", json={'username': username, 'password': password})
        r.raise_for_status()
        data = r.json()
        csrf = data.get('csrf_token', '')
        if csrf:
            self.s.headers['X-CSRF-Token'] = csrf
        return data

    def logout(self):
        self.s.post(f"{self.base}/api/auth/logout")

    def me(self) -> dict:
        return self.s.get(f"{self.base}/api/auth/me").json()

    def get(self, path, **kw): return self.s.get(f"{self.base}{path}", **kw)
    def post(self, path, **kw): return self.s.post(f"{self.base}{path}", **kw)
    def put(self, path, **kw): return self.s.put(f"{self.base}{path}", **kw)
    def delete(self, path, **kw): return self.s.delete(f"{self.base}{path}", **kw)