<?php

namespace App\Http\Controllers;

use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
    // =============== API (Sanctum Token) ===============
    public function login(LoginRequest $request)
    {
        $data = $request->validated();
        $identifier = $data['identifier'];
        $password = $data['password'];
        $device = $data['device_name'] ?? $request->header('User-Agent') ?? 'api';

        $user = User::where('email', $identifier)->first();
        if (!$user) {
            $user = User::where('username', $identifier)->first();
        }
        if (!$user || !Hash::check($password, $user->password)) {
            throw ValidationException::withMessages([
                'identifier' => ['email/username/password yang diberikan salah.'],
            ]);
        }

        $user->tokens()->where('name', $device)->delete();
        $token = $user->createToken($device)->plainTextToken;

        return response()->json([
            'success' => true,
            'token' => $token,
            'token_type' => 'Bearer',
            'user' => [
                'id' => $user->id,
                'name' => $user->name,
                'email' => $user->email,
                'username' => $user->username,
            ],
        ]);
    }

    public function me(Request $request)
    {
        return response()->json([
            'success' => true,
            'user' => $request->user(),
        ]);
    }

    public function logout(Request $request)
    {
        $request->user()->currentAccessToken()->delete();
        return response()->json(['success' => true]);
    }

    public function logoutAll(Request $request)
    {
        $request->user()->tokens()->delete();
        return response()->json(['success' => true]);
    }

    // =============== Web (Session Guard) ===============
    public function sessionLogin(LoginRequest $request)
    {
        $data = $request->validated();
        $identifier = $data['identifier'];
        $password = $data['password'];

        $user = User::where('email', $identifier)->first();
        if (!$user) {
            $user = User::where('username', $identifier)->first();
        }

        if (!$user || !Hash::check($password, $user->password)) {
            throw ValidationException::withMessages([
                'identifier' => ['email/username/password yang diberikan salah.'],
            ]);
        }

        Auth::login($user, true);
        $request->session()->regenerate();

        return response()->json(['success' => true]);
    }

    public function sessionLogout(Request $request)
    {
        Auth::logout();
        $request->session()->invalidate();
        $request->session()->regenerateToken();

        if ($request->expectsJson()) {
            return response()->json(['success' => true]);
        }

        return redirect()->route('login.index');
    }
}