<?php
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;

class AuthController extends Controller
{
    public function login(Request $request)
    {
        $username = $request->input('username');
        $password = $request->input('password');

        // Use the API container name or correct URL
        $apiUrl = 'http://192.168.56.1:8080/api/cms/login_password'; // Adjust as needed

        try {
            $response = Http::timeout(30)->post($apiUrl, [
                'username' => $username,
                'password' => $password,
            ]);

            $data = $response->json();

            if (!$data['success']) {
                $message = $data['message'] ?? 'Login failed';
                if ($message === 'User must change password') {
                    return redirect()->route('change-password')->with('error', 'You must change your password.');
                }
                return redirect()->back()->with('error', $message);
            }

            // Store token in session (or elsewhere)
            if (isset($data['token'])) {
                session(['authToken' => $data['token']]);
            }

            return redirect()->route('my-profile')->with('success', 'Login successful!');
        } catch (\Exception $e) {
            return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage());
        }
    }
}