<?php

namespace App\Http\Controllers;

use App\Models\Role;
use App\Models\User;
use App\Models\Company;

use Illuminate\Support\Str;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Validation\ValidationException;

// Endpoint of the external mail relay that AuthController::reqHttpCurl() posts to.
// The JSON body sent there carries the recipient's plaintext password, so this
// must stay an https:// URL.
// NOTE(review): consider loading it from configuration instead of hard-coding it.
const URL_EMAIL = 'https://notifapp.odm-iu.com/service-mail/notif_mail.php';
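class AuthController extends Controller
{
	/**
	 * Require the `auth:api` guard on every action except `login` and `sendEmail`.
	 *
	 * NOTE(review): `sendEmail` is reachable without credentials and can replace a
	 * user's password; see the notes on that method.
	 */
	public function __construct()
	{
		$this->middleware('auth:api', ['except' => ['login', 'sendEmail']]);
	}

	/**
	 * Authenticate a user by username/password and issue an API token.
	 *
	 * Request fields read: `username`, `password`, `remember`, `is_mobile` and,
	 * when `is_mobile` is truthy, `fcm_token`.
	 *
	 * Responses (status codes kept as the existing clients receive them):
	 *  - 400 when a required field is missing,
	 *  - 201 with an error message for wrong credentials or an expired licence,
	 *  - 401 when the guard does not return a token,
	 *  - 200 with `data_user`, `access_token`, `token_type`, `expires_in` on success.
	 *
	 * @param Request $request
	 * @return JsonResponse
	 */
	public function login(Request $request)
	{
		$username  = $request->username;
		$password  = $request->password;
		$remember  = $request->remember;
		$is_mobile = $request->is_mobile;

		// Arrays/objects (e.g. `password[]=x`) are rejected together with empty values,
		// so md5() and the query below never receive a non-scalar.
		if (empty($username) || empty($password) || !is_scalar($username) || !is_scalar($password)) {
			return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400);
		}

		// Cast so the query binds a string rather than a number or boolean taken
		// from a JSON body.
		$username = (string) $username;
		$password = (string) $password;

		// One lookup replaces the previous exists() + first() + re-query sequence.
		$user = User::query()->where('username', $username)->first();

		// TODO: stored passwords are unsalted MD5. Migrate to Laravel's Hash facade
		// (Hash::make / Hash::check) with a rehash on successful login; until then the
		// digest comparison is at least done in constant time.
		if (!$user || !hash_equals((string) $user->password, md5($password))) {
			return response()->json(['code' => 201, 'message' => "Username or password doesn't match"], 201);
		}

		// setExpiredTimeOspro() is not defined in this class (presumably inherited).
		// A strict `false` is treated as "licence expired" for users that have a company.
		$checkExpiredOspro = $this->setExpiredTimeOspro($user->company_id);
		if ($checkExpiredOspro === false && $user->company_id != null) {
			return response()->json(['status' => 'error', 'message' => 'Expired! Please update license!'], 201);
		}

		if ($is_mobile) {
			$fcm_token = $request->fcm_token;

			if (!$fcm_token) {
				return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400);
			}

			// Written through a separate model instance, as before, so the `$user`
			// serialised in the response below is not modified by this update.
			$hr = User::find($user->id);

			if ($hr) {
				$hr->update(['fcm_token' => $fcm_token]);
			}
		}

		$dataRole = Role::find($user->role_id);
		// getDataHierarchy() is not defined in this class (presumably inherited).
		$dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id);
		$configApp = Company::where('id', $user->company_id)->first();

		if ($configApp) {
			// These three columns are decoded from JSON before being returned.
			$configApp->logo_login = json_decode($configApp->logo_login, true);
			$configApp->favicon_image = json_decode($configApp->favicon_image, true);
			$configApp->logo_header = json_decode($configApp->logo_header, true);

			$user->configApp = $configApp;
		}

		if ($dataRole) {
			$user->role = $dataRole;
		}

		if ($dataHierarchy) {
			$user->hierarchy = $dataHierarchy;
		}

		if (!$token = Auth::login($user)) {
			return response()->json(['error' => 'Unauthorized'], 401);
		}

		// NOTE(review): $ttl only scales the `expires_in` figure reported to the
		// client; nothing here applies it to the issued token, so with `remember`
		// the reported lifetime may not match the token's real expiry. Confirm
		// against the guard configuration.
		$ttl = $remember ? 10080 : 60;

		// NOTE(review): `$user` is serialised whole. Confirm the User model hides
		// `password` (and `fcm_token`) so the stored digest is not returned here.
		return response()->json([
			'code' => 200,
			'data' => [
				'data_user' => $user,
				'access_token' => $token,
				'token_type' => 'bearer',
				'expires_in' => auth()->factory()->getTTL() * $ttl,
			],
		]);
	}

	/**
	 * E-mail credentials to the account registered under `email`.
	 *
	 * When the request carries no `password`, a random 15-character password is
	 * generated, mailed, and then stored (as MD5) for that e-mail address. When a
	 * `password` is supplied, it is mailed as-is and the stored password is left
	 * untouched. A supplied `username` replaces both the username and the display
	 * name used in the mail.
	 *
	 * NOTE(review): this action is excluded from `auth:api`, so an unauthenticated
	 * caller who knows a registered address can replace that account's password
	 * and can have caller-chosen `username`/`password` text mailed from the
	 * application's sender. It also answers differently for known and unknown
	 * addresses. It should require authentication or a signed, expiring reset
	 * token, be rate limited, and return a uniform response.
	 *
	 * @param Request $request
	 * @return JsonResponse
	 */
	public function sendEmail(Request $request)
	{
		$email = $request->email;

		// Reject a missing or non-scalar address before touching the database.
		if (empty($email) || !is_scalar($email)) {
			return response()->json(['status' => 'error', 'message' => 'e-mail not found'], 400);
		}

		$user = User::select('email', 'name', 'username')->where('email', $email)->first();

		if (!$user) {
			return response()->json(['status' => 'error', 'message' => 'e-mail not found'], 400);
		}

		$generatePassword = empty($request->password);
		// Str::random() draws from a cryptographically secure source.
		$plainPassword = $generatePassword ? Str::random(15) : $request->password;

		if ($request->username) {
			$username = $request->username;
			$name = $request->username;
		} else {
			$username = $user->username;
			$name = $user->name;
		}

		// Only touch the stored password once the mail relay accepted the message;
		// previously a failed delivery still reset the password.
		if (!$this->reqHttpCurl($email, $plainPassword, $username, $name)) {
			return response()->json(['status' => 'error', 'message' => 'Failed to send e-mail'], 500);
		}

		if ($generatePassword) {
			// TODO: stored as unsalted MD5 to match login(); migrate both together.
			$updated = User::where('email', $email)->update(['password' => md5($plainPassword)]);

			// Previously this path fell through and returned no response at all.
			if (!$updated) {
				return response()->json(['status' => 'error', 'message' => 'Failed to update password'], 500);
			}
		}

		return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200);
	}

	/**
	 * POST the credential e-mail request to the mail relay at URL_EMAIL.
	 *
	 * Nothing is written to the HTTP response: transport errors and upstream
	 * error statuses are logged server-side (without the password or the relay's
	 * response body) and reported to the caller through the return value.
	 *
	 * @param mixed $email    Recipient address.
	 * @param mixed $password Plaintext password placed in the mail payload.
	 * @param mixed $username Username placed in the mail payload.
	 * @param mixed $name     Display name placed in the mail payload.
	 * @return bool True when the relay answered with a status below 400.
	 */
	private function reqHttpCurl($email, $password, $username, $name): bool
	{
		$payload = json_encode([
			"to" => $email,
			"name" => $name,
			"username" => $username,
			"password" => $password,
			"from" => "app.integrasia@integrasiautama.com",
			"alias_from" => "OSPRO",
			"subject" => "Registration OSPRO",
			"body" => "registration-ospro",
		]);

		if ($payload === false) {
			error_log('AuthController::reqHttpCurl: payload encoding failed: ' . json_last_error_msg());
			return false;
		}

		$curl = curl_init();

		curl_setopt_array($curl, [
			CURLOPT_URL => URL_EMAIL,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_ENCODING => "",
			CURLOPT_MAXREDIRS => 10,
			// CURLOPT_TIMEOUT is in seconds; the former value of 30000 let a single
			// unauthenticated request hold a worker for hours.
			CURLOPT_CONNECTTIMEOUT => 10,
			CURLOPT_TIMEOUT => 30,
			CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
			CURLOPT_CUSTOMREQUEST => "POST",
			CURLOPT_POSTFIELDS => $payload,
			CURLOPT_HTTPHEADER => [
				"accept: */*",
				"accept-language: en-US,en;q=0.8",
				"content-type: application/json",
			],
		]);

		$response = curl_exec($curl);
		$err = curl_error($curl);
		$status = (int) curl_getinfo($curl, CURLINFO_HTTP_CODE);

		curl_close($curl);

		if ($response === false || $err) {
			error_log('AuthController::reqHttpCurl: cURL error: ' . $err);
			return false;
		}

		if ($status >= 400) {
			error_log('AuthController::reqHttpCurl: mail relay returned HTTP ' . $status);
			return false;
		}

		return true;
	}
}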