<?php
namespace MSFD\Controllers;
use MSFD\Services\PgSql;
use MSFD\Services\GeoserverAPI;


class AuthController {

    public function index() {
        $view = new ViewController();
        $view->render('login', []);
    }

    public function signin() {
        // Prevent invalid email input
        $email = $_POST['username'];
        if (!valid_email($email)) {
            header('HTTP/1.1 422 Unprocessable Entity');
            header('Location: login');
            /* header('Refresh: 1; URL = index.php'); */
            die();
        }

        // Handle guest login
        if (!isset($_POST['password'])) {
            $_SESSION['user_groups'] = [1];
            $_SESSION['user_name'] = "Guest";
            $_SESSION['user_id'] = self::insertGuestUser($email);
            /* header('HTTP/1.1 302 Found'); */
            header('Location: /');
            return TRUE;
        } else { // handle user login
            $email = $_POST['username'];
            $password = $_POST['password'];
        }

        $api = new GeoserverAPI();
        $sql = "select geo_id from webapp.users where email = '{$email}' and password = '{$password}'";
        $user_id = PgSql::getCol($sql);

        if ($user_id) {
            $res = $api->getUser($user_id);
            $sql_groups = "SELECT group_id FROM webapp.users u
                JOIN webapp.users__groups ug ON u.geo_id = ug.user_id
                WHERE geo_id = '${user_id}'";
            $user_groups = Pgsql::getColValues($sql_groups);
            $sql_name = "SELECT fname FROM webapp.users u
                WHERE geo_id = '${user_id}'";
            $user_name = PgSql::getCol($sql_name);

            if ($res !== FALSE) {
                foreach($res->users as $entry) {
                    // if user id exists in geoserver
                    if ($entry->userName == $user_id) {
                        // STORE ROLE HERE IN SESSION USING API
                        $role = $api->getRole($user_id);
                        $_SESSION['user_id'] = $user_id;
                        $_SESSION['user_groups'] = $user_groups;
                        $_SESSION['user_name'] = $user_name;

                        header('Location: /');
                    }
                }
            } else {
                header('HTTP/1.1 403 Forbidden');
                /* header('Refresh: 2; URL = index.php'); */
                die();
            }
        } else {
            echo 'No such user in geoserver';
            header('HTTP/1.1 403 Forbidden');
            /* header('Refresh: 2; URL = index.php'); */
            die();
        }
    }


    public function logout() {
       /* session_start(); */
       session_destroy();
       unset($_SESSION);
       /* $_SESSION = array(); */
       header("Location: login");
       exit();
       /* header('Refresh: 2; URL = index.php'); */
    }


    private function insertGuestUser($email) {
      $uid = guidv4($email);
      $sql = "INSERT INTO webapp.users (email, password, origin, geo_id)
              VALUES ('${email}', '', 'GUEST', '${uid}')
              ON CONFLICT (email) DO UPDATE
              SET geo_id = EXCLUDED.geo_id,
                  last_login = now()";
      return json_decode(PgSql::insert($sql, 'geo_id'))->geo_id;
    }
}


function guidv4($data = null) {
    // Generate 16 bytes (128 bits) of random data or use the data passed into the function.
    $data = $data ?? random_bytes(16);
    assert(strlen($data) == 16);

    // Set version to 0100
    $data[6] = chr(ord($data[6]) & 0x0f | 0x40);
    // Set bits 6-7 to 10
    $data[8] = chr(ord($data[8]) & 0x3f | 0x80);

    // Output the 36 character UUID.
    return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
}


function valid_email($str) {
    return (!preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
}