<?php

namespace App\Http\Controllers\Auth;

use Phaseolies\Http\Request;
use Phaseolies\Http\Response;
use Phaseolies\Support\Facades\Auth;
use Phaseolies\Utilities\Attributes\Route;
use Phaseolies\Utilities\Attributes\Mapper;
use Phaseolies\Http\Response\RedirectResponse;
use App\Models\User;
use App\Http\Controllers\Controller;

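#[Mapper(prefix: 'login')]
class LoginController extends Controller
{
    /**
     * Show the login form view.
     *
     * Only reachable through the 'guest' middleware declared on the route.
     *
     * @return \Phaseolies\Http\Response
     */
    #[Route('/', name: 'login', middleware: ['guest'])]
    public function index(): Response
    {
        return view('auth.login');
    }

    /**
     * Handle an authentication attempt.
     *
     * Flow: validate the submitted fields, try the credentials, and either
     * redirect to the intended page or, when the account has two-factor
     * authentication enabled, store a signed pending-2FA token in the session
     * and redirect to the 'verify.2fa' route.
     *
     * Every credential failure ends in the same generic message so the
     * response does not reveal whether the e-mail address is registered.
     *
     * NOTE(review): no throttling or lockout is visible on this route (only
     * the 'guest' middleware is listed) — confirm that repeated failed
     * attempts are rate-limited somewhere.
     *
     * @param Request $request
     * @return \Phaseolies\Http\Response\RedirectResponse
     */
    #[Route('/', name: 'login', methods: ['POST'], middleware: ['guest'])]
    public function login(Request $request): RedirectResponse
    {
        // Presence and length checks only. The former `exists_in:users,email`
        // rule was dropped: a validation failure specific to unknown addresses
        // answers differently from a wrong password, which lets anyone probe
        // which e-mail addresses have accounts. Unknown addresses now fall
        // through to Auth::try() and get the generic error below.
        // NOTE(review): assumes Auth::try() returns false (rather than
        // throwing) for an unknown e-mail — confirm.
        // NOTE(review): the 2..20 length bound is enforced at login; confirm it
        // matches the registration policy, otherwise a longer passphrase could
        // never authenticate.
        $request->sanitize([
            'email' => 'required',
            'password' => 'required|min:2|max:20',
        ]);

        if (!Auth::try($request->passed())) {
            return back()->withError('Email or password is incorrect');
        }

        // NOTE(review): whether Auth::try() already establishes a fully
        // authenticated session (and regenerates the session id) is not
        // visible here. If it does, 'auth'-protected routes must stay
        // unreachable until the 'verify.2fa' step succeeds — confirm.
        $user = User::whereEmail($request->email)->first();

        if (Auth::hasTwoFactorEnabled($user)) {
            // Pending-2FA token: "<user id>|<random>|<hmac>|<issued at>".
            // The HMAC covers id, random part and timestamp, keyed with the
            // application key, so the verifier can detect tampering.
            $timestamp = time();
            $rawToken = bin2hex(random_bytes(64));
            $signature = hash_hmac(
                'sha256',
                implode('|', [$user->id, $rawToken, $timestamp]),
                config('app.key')
            );
            $token = implode('|', [$user->id, $rawToken, $signature, $timestamp]);

            // NOTE(review): nothing here bounds the token's lifetime. The
            // 'verify.2fa' handler should recompute the HMAC, compare it with
            // hash_equals(), and reject timestamps older than a short window.
            session(['2fa_token' => $token]);

            return redirect()->route('verify.2fa');
        }

        return redirect()->intended('/home')->withSuccess('You are logged in');
    }

    /**
     * Log the user out and redirect to login page.
     *
     * The route accepts POST only and sits behind the 'auth' middleware, so a
     * plain link or image tag cannot trigger it.
     *
     * @return \Phaseolies\Http\Response\RedirectResponse
     */
    #[Route('logout', name: 'logout', methods: ['POST'], middleware: ['auth'])]
    public function logout(): RedirectResponse
    {
        Auth::logout();

        return redirect('/login')->withSuccess('You are successfully logged out');
    }
}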
