<?php

namespace Modules\Linksehat\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Validator;

class AuthController extends Controller
{
    public function otpRequest(Request $request)
    {
        $request->validate([
            'phone' => 'required'
        ]);

        $user = User::updateOrCreate([
            'phone' => $request->phone
        ], [
            'phone' => $request->phone,
            'otp' => rand(1000, 9999),
            'otp_created_at' => now()
        ]);
        if (!$user) {
            return response()->json([
                'message' => "User dengan nomor telepon ".$request->phone." tidak ditemukan"
            ], 404);
        }

        return response()->json([
            'message' => 'OTP Terkirim',
            'data' => [
                'otp_valid_until' => $user->otp_created_at->addMinutes(config('linksehat.otp_valid_minutes'))
            ]
        ]);
    }
    
    public function login(Request $request)
    {
        $request->validate([
            'email' => 'email',
            'password' => 'required_with:email',
            'phone' => '',
            'otp' => 'required_with:phone',
        ]);

        $loginType = null;

        if ($request->has('password') && !empty($request->password)) {
            $user = User::query()
                        ->where('email', $request->email)
                        ->first();
                        
            $loginType = 'email';
        }

        if ($request->has('otp') && !empty($request->otp)) {
            $user = User::query()
                        ->where('phone', $request->phone)
                        ->first();

            $loginType = 'phone';
        }

        if (!$user) {
            return response(['message' => 'User Tidak Ditemukan'], 404);
        }

        if ($loginType == 'email') {
            if (!Hash::check($request->password, $user->password)) {
                return response(['message' => 'Password Salah'], 403);
            }
        } else if ($loginType == 'phone') {
            if ($request->otp != $user->otp) {
                return response(['message' => 'OTP Salah'], 403);
            }
        } else {
            return response(['message' => 'Mode Login Tidak Dikenal'], 403);
        }

        return response([
            'message' => 'Selamat Datang',
            'user' => $user,
            'token' => $user->createToken('app')->plainTextToken
        ]);
    }

    public function register(Request $request)
    {
        $validator = Validator::make($request->all(), [
            'email' => 'required|email|unique:users,email',
            'password' => [
                'required',
                'confirmed', 
                'min:8',
                'regex:/.*[0-9].*/',
                'regex:/.*[a-z].*/',
                'regex:/.*[A-Z].*/',
            ]
        ], [
            'password.regex' => "Password harus minimal 8 karakter, kombinasi huruf besar kecil dan angka"
        ])->validate();

        try {
            $user = User::create([
                'email' => $request->email,
                'password' => Hash::make($request->password),
            ]);

            return response()->json([
                'message' => 'Akun berhasil dibuat, silahkan cek E-mail untuk konfirmasi'
            ], 201);
        } catch (\Exception $e) {
            return response()->json([
                'message' => 'Terjadi masalah ketika mendaftar',
                'error_message' => $e->getMessage()
            ], 403);
        }
    }

    public function logout(Request $request)
    {
        $token = $request->bearerToken();
        Auth::user()->tokens()->where('id', $token)->delete();

        return response(['message' => 'Berhasil Logout.']);
    }
}