<?php

namespace App\Http\Controllers\API;

use App\Http\Requests\API\LoginRequest;
use App\Http\Requests\API\RegisterRequest;
use App\Http\Requests\API\ClientRequest;
use App\Http\Resources\ClientResource;
use App\Mail\EmailVerification;
use App\Mail\ResetPassword;
use App\Models\Account;
use App\Models\Client;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Lang;
use App\Http\Controllers\Controller;


class AuthController extends Controller
{
    public function login(LoginRequest $request){

        $client = Client::where('email', $request->input('email'))->first();

        if($client){

            if($client->is_suspended){
                return response()->json([
                    'message' => 'Account with this email is suspended'
                ], 403);
            }

            if (!Hash::check(request()->password, $client->password)){
                return response()->json([
                    'message' => 'Unauthorized'
                ], 401);
            }
            elseif ($client->is_suspended){
                return response()->json([
                    'message' => 'Account suspended'
                ], 401);
            }

            $credentials = $request->only('email', 'password');

            Auth::attempt($credentials);

            $client->tokens()->delete();

            $client->token = $client->createToken('auth_token')->plainTextToken;

            return ClientResource::make($client);
        }
        return response()->json(['message' => Lang::get('auth.email_not_found')], 404);
    }

    public function register(RegisterRequest $request){
        $client = new Client($request->only(['email','firstname','lastname']));
        $client->password = Hash::make($request->input('password'));

        $email_verification = (bool) config('settings.email_verification');
        $client->is_verified = ! $email_verification;

        if($email_verification)
        {
            $client->verification_token = rand(10000, 99999);

            try{
                Mail::to($request->email)
                    ->queue(new EmailVerification($request->firstname,  $client->verification_token));
            }catch (\Exception $ex){
                //eger email ugradyp bolmasa verification edip bolmaz
                $client->is_verified = true;
            }

        }

        $account = Account::create([
            'country_id' => $request->country,
            'type' => $request->account_type
        ]);

        $client->account()->associate($account)->save();

        if($client->is_verified){
            Auth::login($client);
            $client->token = $client->createToken('auth_token')->plainTextToken;
        }

        return ClientResource::make($client);
    }

    public function verifyEmail(Request $request){
        $request->validate([
            'email' => 'required|email',
            'token' => 'required'
        ]);

        $client = Client::where('email', $request->email)->first();

        if($client){
            if($client->verification_token === $request->token){
                $client->is_verified = 1;
                $client->save();

                Auth::login($client);

                $client->token = $client->createToken('auth_token')->plainTextToken;

                return ClientResource::make($client);
            }
            else{
                return response()->json(['message' => 'tokens don\'t match'], 401);
            }
        }
        else{
            return response()->json([
                'message' => 'no such client'
            ], 404);
        }
    }

    public function client(Request $request) {
        if($client = $request->user()){
            return ClientResource::make($client);
        }
        return response()->json([
            'message' => 'token_expired'
        ], 401);
    }

    public function logout(Request $request) {
        $request->user()->currentAccessToken()->delete();
        return response()->json([
            'message' => 'ok'
        ], 200);
	}

    public function sendPasswordResetLinkEmail(Request $request) {
        try{
            $request->validate(['email' => 'required|email']);

            $user = Client::where('email', $request->email)->first();
            if (!$user) {
                return response()->json([
                    'message' => 'user with provided email not found'
                ], 404);
            }

            $token = rand(1000, 9999);
            $user['verification_token'] = $token;
            $user->save();

            Mail::to($request->email)->queue(new ResetPassword($user->firstname, $token));

            return response()->json([
                'message' => 'sent reset code'
            ], 200);
        }
        catch(\Exception $e){
            return response()->json([
                'message' => $e->getMessage()
            ], 200);
        }
	}

    public function updatePassword(Request $request) {
        try{
            $this->validate($request, [
                'token' => 'required',
                'email' => 'required|email',
                'password' => 'required',
                'confirm_password' => 'required|same:password'
            ]);

            $user = Client::where('email', $request->email)->first();
            if($user && $request->token == $user->token){
                $user['password'] = Hash::make($request->password);
                $user->save();
                return response()->json([
                    'message' => 'OK'
                ], 200);
            }

            return response()->json([
                'message' => 'not_found'
            ], 404);
        }
        catch(\Exception $e){
            return response()->json([
                'message' => $e->getMessage()
            ], 500);
        }
    }

    public function updateClient(ClientRequest $request){

        $client = $request->user();

        $data = $request->only('firstname', 'lastname', 'password');

        if (!isset($data['password']) || !$data['password']) {
            unset($data['password']);
        }
        else {
            $data['password'] = Hash::make($data['password']);
        }

        if($client->fill($data)->save()){
            return ClientResource::make($client);
        }

        return response()->json([
            'message' => 'Your account has not been updated.',
        ],500);
    }
}