<?php

declare(strict_types=1);

namespace App\Http\Controllers\Api;

use App\Actions\Fortify\CreateNewUser;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\ArticleCommentRequest;
use App\Http\Requests\Api\LoginRequest;
use App\Http\Requests\Api\RegisterRequest;
use App\Http\Requests\Api\UpdatePasswordRequest;
use App\Http\Requests\Api\UpdateUserRequest;
use App\Http\Resources\Api\ArticleResource;
use App\Http\Resources\Api\PhotoResource;
use App\Http\Resources\Api\UserApiResource;
use App\Models\Articles\WebsiteArticle;
use App\Models\Miscellaneous\CameraWeb;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
    public function login(LoginRequest $request): JsonResponse
    {
        $username = $request->input('username');
        $user = User::where('username', $username)
            ->orWhere('mail', $username)
            ->first();

        $credentialsValid = $user && Hash::check($request->input('password'), $user->password);

        if (! $credentialsValid) {
            Hash::check($request->input('password'), Hash::make('timing-attack-prevention'));

            throw ValidationException::withMessages([
                'username' => ['The provided credentials are incorrect.'],
            ]);
        }

        if ($user->is_banned) {
            throw ValidationException::withMessages([
                'username' => ['Your account has been banned.'],
            ]);
        }

        $user->update(['last_login' => time()]);

        $token = $user->createToken('auth-token')->plainTextToken;

        return response()->json([
            'user' => new UserApiResource($user),
            'token' => $token,
        ]);
    }

    public function register(RegisterRequest $request): JsonResponse
    {
        $createNewUser = new CreateNewUser;

        $user = $createNewUser->create($request->validated());

        $token = $user->createToken('auth-token')->plainTextToken;

        return response()->json([
            'user' => new UserApiResource($user),
            'token' => $token,
        ], 201);
    }

    public function user(\Illuminate\Http\Request $request): JsonResponse
    {
        return response()->json(new UserApiResource($request->user()));
    }

    public function logout(\Illuminate\Http\Request $request): JsonResponse
    {
        $request->user()->currentAccessToken()->delete();

        return response()->json(['message' => 'Logged out successfully']);
    }

    public function home(): JsonResponse
    {
        $articles = WebsiteArticle::with(['user:id,username,look'])
            ->latest('id')
            ->take(4)
            ->get();

        $photos = CameraWeb::query()
            ->latest('id')
            ->take(4)
            ->where('visible', true)
            ->with('user:id,username,look')
            ->get();

        return response()->json([
            'articles' => ArticleResource::collection($articles),
            'photos' => PhotoResource::collection($photos),
        ]);
    }

    public function updateUser(UpdateUserRequest $request): JsonResponse
    {
        $user = $request->user();
        $user->update($request->validated());

        return response()->json(new UserApiResource($user));
    }

    public function updatePassword(UpdatePasswordRequest $request): JsonResponse
    {
        $request->user()->update([
            'password' => Hash::make($request->input('password')),
        ]);

        return response()->json(['message' => 'Password updated successfully']);
    }

    public function articleComment(ArticleCommentRequest $request, string $slug): JsonResponse
    {
        $article = WebsiteArticle::where('slug', $slug)->firstOrFail();

        $comment = $article->comments()->create([
            'user_id' => $request->user()->id,
            'comment' => strip_tags((string) $request->input('comment')),
        ]);

        return response()->json([
            'data' => $comment->load('user:id,username,look'),
        ], 201);
    }
}