<?php
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Session;

class AuthController extends Controller
{
    public function showLoginForm()
    {
        return view('login');
    }

    public function login(Request $request)
    {
        $apiUrl = env('BACKEND_API_URL', 'http://192.168.100.28:8080');
        $loginEndpoint = '/api/cms/login_password';

        Log::info('API URL being used: ' . $apiUrl . $loginEndpoint);

        $response = Http::timeout(30)->post($apiUrl . $loginEndpoint, [
            'username' => $request->input('username'),
            'password' => $request->input('password'),
        ]);

        if ($response->successful()) {
            $data = $response->json();
            if (isset($data['success']) && isset($data['message'])) {
                if ($data['message'] === 'User must change password') {
                    Session::put('admin_uuid', $data['success']['admin_uuid']);
                    Session::put('username', $request->input('username'));
                    return redirect()->route('password.change')->with('success', 'You must change your password.');
                }
                // Store token in session
                Session::put('access_token', $data['success']['token']);
                Session::put('username', $request->input('username'));
                return redirect()->route('dashboard')->with('success', 'Login successful.');
            }
        }

        $errorMessage = 'Login failed. Please check your credentials.';
        if ($response->status() === 401) {
            $errorMessage = $response->json()['message'] ?? 'Unauthorized access.';
        } elseif ($response->status() === 422) {
            $errorMessage = $response->json()['message'] ?? 'Validation error.';
        }

        return redirect()->back()->with('error', $errorMessage)->withInput($request->except('password'));
    }

    public function showChangePasswordForm()
    {
        return view('change-password');
    }

    public function changePassword(Request $request)
    {
        $apiUrl = env('BACKEND_API_URL', 'http://192.168.100.28:8080');
        $changePasswordEndpoint = '/api/cms/login_changePassword';

        Log::info('API URL being used: ' . $apiUrl . $changePasswordEndpoint);

        $response = Http::timeout(30)->post($apiUrl . $changePasswordEndpoint, [
            'admin_uuid' => Session::get('admin_uuid'),
            'username' => Session::get('username'),
            'password' => $request->input('new_password'),
        ]);

        if ($response->successful()) {
            $data = $response->json();
            if (isset($data['success']['token'])) {
                Session::put('access_token', $data['success']['token']);
                return redirect()->route('dashboard')->with('success', 'Password changed successfully.');
            }
        }

        $errorMessage = 'Failed to change password.';
        if ($response->status() === 401) {
            $errorMessage = $response->json()['message'] ?? 'Unauthorized access.';
        } elseif ($response->status() === 422) {
            $errorMessage = $response->json()['message'] ?? 'Password cannot be the same as the previous two passwords.';
        }

        return redirect()->back()->with('error', $errorMessage)->withInput();
    }
}