<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use PHPOpenSourceSaver\JWTAuth\Facades\JWTAuth;
use App\Models\User;
use Illuminate\Support\Facades\Log;

class UserAuthController extends Controller
{

public function refreshToken()
{
    Log::info('🔄 [JWT-REFRESH] called');

    try {
        $newToken = JWTAuth::parseToken()->refresh();

        Log::info('✅ [JWT-REFRESH] Token refreshed');

        return response()->json([
            'success' => true,
            'token' => $newToken,
        ]);

    } catch (\PHPOpenSourceSaver\JWTAuth\Exceptions\TokenExpiredException $e) {
        Log::warning('⛔ [JWT-REFRESH] Refresh TTL expired');

        return response()->json([
            'success' => false,
            'message' => 'Refresh expired. Please login again.',
        ], 401);

    } catch (\Exception $e) {
        Log::error('🔥 [JWT-REFRESH] Exception', [
            'error' => $e->getMessage(),
        ]);

        return response()->json([
            'success' => false,
            'message' => 'Unable to refresh token.',
        ], 401);
    }
}


    /**
     * User Login
     */
    public function login(Request $request)
    {
        $request->validate([
            'login_id' => 'required|string', // can be email, mobile, or customer_id
            'password' => 'required|string',
        ]);

        // Find user by email OR mobile_no OR customer_id
        $user = User::where('email', $request->login_id)
            ->orWhere('mobile_no', $request->login_id)
            ->orWhere('customer_id', $request->login_id)
            ->first();

        if (!$user) {
            return response()->json([
                'success' => false,
                'message' => 'User not found with given credentials.',
            ], 404);
        }

        // Check hashed password
        if (!Hash::check($request->password, $user->password)) {
            return response()->json([
                'success' => false,
                'message' => 'Incorrect password.',
            ], 401);
        }

        // Generate JWT token
        $token = JWTAuth::fromUser($user);

        return response()->json([
            'success' => true,
            'message' => 'Login successful.',
            'token' => $token,
            'user' => [
                'id' => $user->id,
                'customer_id' => $user->customer_id,
                'customer_name' => $user->customer_name,
                'company_name' => $user->company_name,
                'email' => $user->email,
                'mobile_no' => $user->mobile_no,
                'address' => $user->address,
                'pincode' => $user->pincode,
            ]
        ]);
    }

    
    /**
     * User Logout
     */
    public function logout(Request $request)
    {
        try {
            JWTAuth::invalidate(JWTAuth::getToken());

            return response()->json([
                'success' => true,
                'message' => 'Logout successful.',
            ]);
        } catch (\Exception $e) {
            return response()->json([
                'success' => false,
                'message' => 'Failed to logout. Token may be invalid or expired.',
            ], 500);
        }
    }
}