<?php

namespace App\Http\Controllers\Admin;

use App\Http\Controllers\Concerns\ManagesCaptcha;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class AdminAuthController extends Controller
{
    use ManagesCaptcha;

    private const LOGIN_CAPTCHA_CONTEXT = 'admin_login';

    public function showLoginForm(Request $request)
    {
        return view('admin.auth.login', [
            'captchaQuestion' => $this->buildCaptchaQuestion($request, self::LOGIN_CAPTCHA_CONTEXT),
        ]);
    }

    public function login(Request $request)
    {
        $validated = $request->validate([
            'email' => ['required', 'email'],
            'password' => ['required', 'string'],
            'captcha' => ['required', 'string', 'max:10'],
        ]);

        if (!$this->captchaIsValid($request, self::LOGIN_CAPTCHA_CONTEXT)) {
            return back()->withErrors(['captcha' => 'Неверный ответ на капчу.'])->withInput();
        }

        $credentials = [
            'email' => $validated['email'],
            'password' => $validated['password'],
        ];

        if (!Auth::attempt($credentials, $request->boolean('remember'))) {
            return back()->withErrors(['email' => 'Неверный email или пароль.'])->withInput();
        }

        $request->session()->regenerate();
        $this->clearCaptcha($request, self::LOGIN_CAPTCHA_CONTEXT);

        if (!$request->user()->is_admin) {
            Auth::logout();
            $request->session()->invalidate();
            $request->session()->regenerateToken();

            return back()->withErrors(['email' => 'Доступ разрешен только администраторам.']);
        }

        return redirect()->route('admin.dashboard');
    }

    public function logout(Request $request)
    {
        Auth::logout();
        $request->session()->invalidate();
        $request->session()->regenerateToken();

        return redirect()->route('admin.login');
    }
}