<?php
class Auth extends MY_Controller
{
  var $db_regional;
  var $db_log;
  var $db;
  var $load;
  public function index()
  {
    // echo "AUTH API";
    // $query = $this->db->query(
    //   "show databases
    //     ",
    //   array()
    // );
    // // print_r($this->db_regional->last_query());
    // if (!$query) {
    //   $message = $this->db->error();
    //   $this->sys_error($message);
    //   exit;
    // }
    // $rows = $query->result_array();
    // echo json_encode($rows);
  }
  public function __construct()
  {
    parent::__construct();

    // $this->db_regional = $this->db->query("use one_mitra");
    // $this->db_log = $this->db->query("use mitra_log");
  }

  function isLogin()
  {
    if (!$this->isLogin) {
      $this->sys_error("Invalid Token");
    } else {
      $prm = $this->sys_input;
      $data = array(
        "user" => $this->sys_user
      );
      $this->sys_ok($data);
    }
  }

  function login()
  {
    $prm = $this->sys_input;
    try {
      //existing password enc
      // print_r($prm);
      $sm_password = md5($this->one_salt . $prm["password"] . $this->one_salt);
      $query = $this->db->query(
        "SELECT M_UserID, 
                M_UserUsername,
                M_UserM_CompanyID,  
                M_UserM_MouID, 
                M_CompanyName as company_name,
                M_UserS_RegionalID
        from one_mitra.m_user 
        JOIN m_company ON M_UserM_CompanyID = M_CompanyID
        AND M_CompanyIsActive = 'Y' 
        where M_UserUsername= ? and M_UserPassword= ?
        and M_UserIsActive = 'Y'
        ",
        array($prm["username"], $sm_password)
      );
      // print_r($this->db_regional->last_query());
      if (!$query) {
        $message = $this->db->error();
        $this->sys_error($message, $this->db);
        exit;
      }
      $rows = $query->result_array();
      if (count($rows) > 0) {
        $user = $rows[0];
        $user['ip'] = $_SERVER['REMOTE_ADDR'];
        $user['agent'] = $_SERVER['HTTP_USER_AGENT'];
        $token  = JWT::encode($user, $this->SECRET_KEY);
        $data = array(
          "user" => $user,
          "token" => $token
        );

        $query = $this->db->query("UPDATE one_mitra.m_user 
                                  SET M_UserIsLoggedIn = 'Y', 
                                  M_UserLastAccess = now(), 
                                  M_UserActiveToken = '{$token}' 
                                  WHERE M_UserID = ?
        ", array($user['M_UserID']));
        if (!$query) {
          $message = $this->db_regional->error();
          $this->sys_error($message);
          exit;
        }

        $query = $this->db->query("INSERT INTO mitra_log.log_login
                                  (Log_LoginDateTime,
                                  Log_LoginIP,
                                  Log_LoginType,
                                  Log_LoginStatus,
                                  Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGIN', 'SUCCESS', $prm["username"]));
        if (!$query) {
          $message = $this->db->error();
          $this->sys_error($message);
          exit;
        }

        $this->sys_ok($data);
        exit;
      }
      $query = $this->db->query("INSERT INTO mitra_log.log_login
                                    (Log_LoginDateTime,
                                    Log_LoginIP,
                                    Log_LoginType,
                                    Log_LoginStatus,
                                    Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $this->input->ip_address(), 'LOGIN', 'FAILED', $prm["username"]));
      if (!$query) {
        $message = $this->db_log->error();
        $this->sys_error($message);
        exit;
      }
      $this->sys_error_db("Invalid UserName / Password");
    } catch (Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }

  function logout()
  {
    $prm = $this->sys_input;
    try {

      $query = $this->db->query(
        "UPDATE one_mitra.m_user 
        SET M_UserIsLoggedIn = 'N', M_UserActiveToken = null
        WHERE M_UserID = ?",
        array($prm['M_UserID'])
      );

      if (!$query) {
        $message = $this->db_regional->error();
        $this->sys_error($message);
        exit;
      }

      $this->db->query("INSERT INTO mitra_log.log_login(Log_LoginDateTime,Log_LoginIP,Log_LoginType,Log_LoginStatus,Log_LoginLogin) VALUES (?,?,?,?,?)
        ", array(date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR'], 'LOGOUT', 'SUCCESS', $prm['M_UserUsername']));
      $this->sys_ok("OK");
    } catch (Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }

  function changepassword()
  {
    try {
      $prm = $this->sys_input;
      $userid = $this->sys_user["M_UserID"];
      $companyID = $this->sys_user["M_UserM_CompanyID"];
      $mouID = $this->sys_user["M_UserM_MouID"];
      if (!$this->isLogin) {
        echo json_encode(
          array("status" => "ERR", "message" => "Invalid Token")
        );
        exit;
      }
      $currPassword = $prm['current_password'];
      $newPassword = $prm['new_password'];
      $passwordConfirmation = $prm['password_confirmation'];
      if (!isset($prm['new_password']) || empty($prm['new_password'])) {
        $this->sys_error("Silahkan isi password baru");
        exit;
      }
      if (!isset($prm['current_password']) || empty($prm['current_password'])) {
        $this->sys_error("Silahkan isi password lama");
        exit;
      }
      if (!isset($prm['password_confirmation']) || empty($prm['password_confirmation'])) {
        $this->sys_error("Silahkan isi konfirmasi password");
        exit;
      }
      if ($newPassword != $passwordConfirmation) {
        $this->sys_error("Paswword baru dan konfirmasi password tidak sama !");
        exit;
      }

      // Validate password strength
      $uppercase = preg_match('@[A-Z]@', $prm['new_password']);
      $lowercase = preg_match('@[a-z]@', $prm['new_password']);
      $number    = preg_match('@[0-9]@', $prm['new_password']);

      if (strlen($prm['new_password']) < 8) {

        $this->sys_error("Password minimal 8 digit");

        exit;
      }

      if (!$uppercase) {
        $this->sys_error("Password minimal mengandung 1 huruf besar");
        exit;
      }

      if (!$lowercase) {
        $this->sys_error("Password minimal mengandung 1 huruf kecil");
        exit;
      }

      if (!$number) {
        $this->sys_error("Password minimal mengandung 1 angka");
        exit;
      }
      $sm_password = md5($this->one_salt . $currPassword . $this->one_salt);
      $query = $this->db->query(
        "select * from one_mitra.m_user where M_UserID = ? and M_UserPassword = ?",
        array($userid, $sm_password)
      );
      if (!$query) {
        echo json_encode(
          array("status" => "ERR", "message" => "Query cek error")
        );
        exit;
      }
      $this->db->trans_begin();
      // $this->db->trans_rollback();
      // $this->db->trans_commit();
      $rows = $query->result_array();
      if (count($rows) == 0) {
        echo json_encode(
          array("status" => "ERR", "message" => "Invalid Password")
        );
        exit;
      }
      $sql_json_before = "SELECT * 
      FROM one_mitra.m_user
      WHERE M_UserIsActive = 'Y'
      AND M_UserID = ?";

      $qry_json_before = $this->db->query(
        $sql_json_before,
        [
          $userid
        ]
      );

      if (!$qry_json_before) {
        $this->db->trans_rollback();
        $this->sys_error_db("m_user select json before");
        exit;
      }

      $data_before_by_id = $qry_json_before->row();

      $json_before_log = json_encode($data_before_by_id);

      $new_password_salt = md5($this->one_salt . $newPassword . $this->one_salt);
      $query = $this->db->query(
        "UPDATE one_mitra.m_user set 
          M_UserPassword= ? 
          where M_UserID = ?
          AND M_UserIsActive = 'Y'",
        array(

          $new_password_salt,
          // $userID
          $userid
        )
      );
      if (!$query) {
        $this->db->trans_rollback();
        echo json_encode(
          array("status" => "ERR", "message" => "Error Change Password")
        );
        exit;
      }

      // json after
      $sql_json_after = "SELECT * 
      FROM one_mitra.m_user
      WHERE M_UserIsActive = 'Y'
      AND M_UserID = ?";

      $qry_json_after = $this->db->query(
        $sql_json_after,
        [
          // $userID
          $userid
        ]
      );

      if (!$qry_json_after) {
        $this->db->trans_rollback();
        $this->sys_error_db("m_user select json after");
        exit;
      }

      $data_after_by_id = $qry_json_after->row();

      $json_after_log = json_encode($data_after_by_id);
      // json after

      // proses insert log start
      $sql_insert_log = "INSERT INTO mitra_log.m_user_log(
        M_UserLogM_UserID,
        M_UserLogStatus,
        M_UserLogJSONBefore,
        M_UserLogJSONAfter,
        M_UserLogUserID,
        M_UserLogCreated
      ) VALUES (
          ?,
          'CHANGE PASSWORD',
          ?,
          ?,
          ?,
          now()
      )";

      $qry_insert_log = $this->db->query(
        $sql_insert_log,
        [
          $userid,
          $json_before_log,
          $json_after_log,
          $userid
        ]
      );

      if (!$qry_insert_log) {
        $this->db->trans_rollback();
        $this->sys_error_db("m_user insert log");
        exit;
      }
      // proses insert log end
      // $this->db->trans_begin();
      // $this->db->trans_rollback();
      $this->db->trans_commit();
      $this->sys_ok("Berhasil Mengubah Password silahkan login ulang");
    } catch (Exception $exc) {
      $message = $exc->getMessage();
      $this->sys_error($message);
    }
  }
}