<?php
/*
### Auth API
- Functions
  - login x
  - logout
  template function  {
    $this->sys_debug();
    try {
      if (! $this->isLogin) {
        $this->sys_error("Invalid Token");
        exit;
      }
      $prm = $this->sys_input;

    } catch(Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }

  }
*/

class Authv2 extends MY_Controller {
  var $db_onedev;
  public function index()
  {
     echo "AUTH API";
  }
  public function __construct()
  {
     parent::__construct();
     $this->db_onedev = $this->load->database("onedev", true);
  }
  function isLogin() {
    if (! $this->isLogin) {
      $this->sys_error("Invalid Token");
    } else {
      $prm = $this->sys_input;
      $data = array(
          "user" => $this->sys_user
        );
        $this->sys_ok($data);
    }
  }
  function getsatellite(){
    $sql = $this->db_onedev->query("SELECT M_BranchHaveSatellite FROM m_branch 
    WHERE M_BranchIsDefault = 'Y' AND M_BranchIsActive = 'Y'")->row();		
		$hassatellite = $sql->M_BranchHaveSatellite;
		$rows = [];
		$query ="	SELECT 0 as M_SatelliteID, M_BranchName as M_SatelliteName
    FROM m_branch
    WHERE M_BranchIsActive = 'Y' AND M_BranchIsDefault = 'Y'

    UNION SELECT M_SatelliteID, M_SatelliteName
		FROM m_satellite
		WHERE
    M_SatelliteIsActive = 'Y'";
	//echo $query;
    $rows['satellites'] = $this->db_onedev->query($query)->result_array();

		$result = array(
			"total" => count($rows) ,
      "records" => $rows,
      "hassatellite" => $hassatellite
		);
		$this->sys_ok($result);
		exit;
	}
  function login() {
    $prm = $this->sys_input;
    try {
      //existing password enc
      $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt);
      $query = $this->db_onedev->query("select M_UserID,M_UserUsername, M_UserGroupDashboard, M_UserDefaultT_SampleStationID,
         M_StaffName, IF(M_CourierID = NULL, 'N','Y') as is_courier
      from m_user 
      join m_usergroup ON M_UserM_UserGroupID = M_UserGroupID
      left join m_staff on M_UserM_StaffID = M_StaffID
	  left join m_courier ON M_CourierM_StaffID = M_StaffID AND M_CourierIsActive = 'Y'
      where M_UserUsername=? and M_UserPassword=?
      and M_UserIsActive = 'Y'
      ",array($prm["username"], $sm_password));
      //echo $query;
      if (!$query) {
        $message = $this->db_onedev->error();
        $this->sys_error($message);
        exit;
      }
      $rows = $query->result_array();
      if (count($rows) > 0 ) {
        $user = $rows[0];
        $user['ip'] = $_SERVER['REMOTE_ADDR'];
        $user['agent'] = $_SERVER['HTTP_USER_AGENT'];
        if (isset($prm['M_SatelliteID'])) {
           $user['M_SatelliteID'] = $prm['M_SatelliteID'];
        } else {
           $user['M_SatelliteID'] = 0;
        }
        $token  = JWT::encode($user,$this->SECRET_KEY);
        $data = array(
          "user" => $user,
          "token" => $token
        );

        $query = $this->db_onedev->query("update m_user SET M_UserIsLoggedIn = 'Y', M_UserLastAccess = now(), M_UserActiveToken = '{$token}' WHERE M_UserID = ?
        ",array($user['M_UserID']));
        if (!$query) {
          $message = $this->db_onedev->error();
          $this->sys_error($message);
          exit;
        }
		
		    $query = $this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ",array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'],'LOGIN','SUCCESS',$prm["username"]));
        if (!$query) {
          $message = $this->db_onedev->error();
          $this->sys_error($message);
          exit;
        }

        $this->sys_ok($data);
        exit;
      } 
	  $query = $this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ",array(date('Y-m-d H:i:s'),$this->input->ip_address(),'LOGIN','FAILED',$prm["username"]));
        if (!$query) {
          $message = $this->db_onedev->error();
          $this->sys_error($message);
          exit;
        }
        
      $this->sys_error_db("Invalid UserName / Password");
    } catch(Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }

  function logout() 
  {
    $prm = $this->sys_input;
    try 
    {
      
      $query = $this->db_onedev->query("
        UPDATE m_user 
        SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
        WHERE M_UserID = ?", 
      array($this->sys_user['M_UserID']));

      if (!$query) 
      {
        $message = $this->db_onedev->error();
        $this->sys_error($message);
        exit;
      }
        
      $this->db_onedev->query("INSERT INTO one_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ",array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $this->sys_user['M_UserUsername']));
      $this->sys_ok("OK");

    } 
    catch(Exception $exc) 
    {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }
}
?>