<?php
class Auth extends MY_Controller
{
  var $db;
  public function index()
  {
    echo "AUTH API";
  }
  public function __construct()
  {
    parent::__construct();
    // $this->db = $this->load->database("nas_report", true);
  }

  function corss()
  {
    header('Access-Control-Allow-Origin: *');

    header('Access-Control-Allow-Methods: GET, POST');

    header("Access-Control-Allow-Headers: X-Requested-With");

    //for preflight
    // header('Access-Control-Allow-Origin: *');
    // header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
    // header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
    // //for disable cached
    // header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT');
    // header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0'); 
    // header('Pragma: no-cache'); 
    // header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

    // global $_SERVER;
    // header("Access-Control-Allow-Private-Network: true");
    // header("Access-Control-Allow-Credentials : true");
    // if (isset($_SERVER["HTTP_ORIGIN"])) {
    //     header("Access-Control-Allow-Origin: " . $_SERVER["HTTP_ORIGIN"]);
    // } else {
    //     header("Access-Control-Allow-Origin: */*");
    // }
    // header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS");
    // header(
    //     "Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization"
    // );

    if (
      isset($_SERVER["REQUEST_METHOD"]) &&
      $_SERVER["REQUEST_METHOD"] == "OPTIONS"
    ) {
      http_response_code(200);
      echo json_encode("OK");
      exit();
    }
  }

  function isLogin()
  {
    if (!$this->isLogin) {
      $this->sys_error("Invalid Token");
    } else {
      $prm = $this->sys_input;
      $data = array(
        "user" => $this->sys_user
      );
      $this->sys_ok($data);
    }
  }

  function login()
  {
    $this->corss();
    $prm = $this->sys_input;
    try {
      //existing password enc
      // print_r($prm);
      $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt);
      $query = $this->db->query("select M_UserID, 
      M_UserFullName,
      M_UserUsername,
      M_UserIsAdmin
      from one_dash.m_user 
      where M_UserUsername=? and M_UserPassword=?
      and M_UserIsActive = 'Y'
      ", array($prm["username"], $sm_password));
      // print_r($this->db->last_query());
      if (!$query) {
        $message = $this->db->error();
        $this->sys_error($message, $this->db);
        exit;
      }
      $rows = $query->result_array();

      // permission
      $get_M_UserID = $rows[0]['M_UserID'];
      $qry_permission = $this->db->query("select 
      M_UserPermissionID, 
      M_UserPermissionIsNasional,
      M_UserPermissionM_UserID,
      M_UserPermissionRegionalJSON,
      M_UserPermissionM_MenuID,
      M_MenuName
      from one_dash.m_user_permission 
        join one_dash.m_menu
        ON M_UserPermissionM_MenuID = M_MenuID
        AND M_MenuIsActive = 'Y'
      where M_UserPermissionM_UserID=?
      and M_UserPermissionIsActive = 'Y'", array($get_M_UserID));
      // print_r($this->db->last_query());
      if (!$qry_permission) {
        $message = $this->db->error();
        $this->sys_error($message, $this->db);
        exit;
      }
      $rows_pemisison = $qry_permission->result_array();

      if (count($rows) > 0) {
        $user = $rows[0];
        $permission = [];
        $permission = $rows_pemisison;
        $user['ip'] = $_SERVER['REMOTE_ADDR'];
        $user['agent'] = $_SERVER['HTTP_USER_AGENT'];
        $token  = JWT::encode($user, $this->SECRET_KEY);
        $data = array(
          "user" => $user,
          "permission" => $permission,
          "token" => $token
        );

        $query = $this->db->query("update one_dash.m_user SET M_UserIsLoggedIn = 'Y', M_UserLastAccess = now(), M_UserActiveToken = '{$token}' WHERE M_UserID = ?
        ", array($user['M_UserID']));
        if (!$query) {
          $message = $this->db->error();
          $this->sys_error($message);
          exit;
        }

        $query = $this->db->query("INSERT INTO log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGIN', 'SUCCESS', $prm["username"]));
        if (!$query) {
          $message = $this->db->error();
          $this->sys_error($message);
          exit;
        }

        $this->sys_ok($data);
        exit;
      }
      $query = $this->db->query("INSERT INTO log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $this->input->ip_address(), 'LOGIN', 'FAILED', $prm["username"]));
      if (!$query) {
        $message = $this->db->error();
        $this->sys_error($message);
        exit;
      }
      $this->sys_error_db("Invalid UserName / Password");
    } catch (Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }

  function logout()
  {
    $prm = $this->sys_input;
    try {

      $query = $this->db->query(
        "
        UPDATE m_user 
        SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
        WHERE M_UserID = ?",
        array($prm['M_UserID'])
      );

      if (!$query) {
        $message = $this->db->error();
        $this->sys_error($message);
        exit;
      }

      $this->db->query("INSERT INTO log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $prm['M_UserUsername']));
      $this->sys_ok("OK");
    } catch (Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }
}