<?php

namespace App\Http\Controllers;

use App\Http\Requests\ForgotPasswordRequest;
use App\Http\Requests\VerifyCodeRequest;
use App\Http\Requests\ResetPasswordRequest;
use App\Http\Resources\UserResource;
use App\Services\AuthService;
use App\Services\PasswordResetService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Str;

class PasswordResetController extends Controller
{
    public function __construct(
        protected PasswordResetService $passwordResetService,
        protected AuthService $authService,
    ) {}

    public function forgotPassword(ForgotPasswordRequest $request): JsonResponse
    {
        $validated = $request->validated();

        $sent = $this->passwordResetService->sendCode(
            email: $validated['email'],
            tipo: $validated['tipo'],
        );

        if (!$sent) {
            return $this->errorResponse(
                message: __('auth.wrong_type'),
                code: 403,
            );
        }

        return $this->successResponse(
            message: __('auth.password_reset_sent'),
        );
    }

    public function verifyCode(VerifyCodeRequest $request): JsonResponse
    {
        $validated = $request->validated();

        $valid = $this->passwordResetService->verifyCode(
            email: $validated['email'],
            code: $validated['codigo'],
        );

        if (!$valid) {
            return $this->errorResponse(
                message: __('auth.password_reset_invalid'),
                code: 422,
            );
        }

        return $this->successResponse(
            message: 'OK',
        );
    }

    public function resetPassword(ResetPasswordRequest $request): JsonResponse
    {
        $validated = $request->validated();

        $user = $this->passwordResetService->resetPassword(
            email: $validated['email'],
            code: $validated['codigo'],
            password: $validated['password'],
        );

        if (!$user) {
            return $this->errorResponse(
                message: __('auth.password_reset_invalid'),
                code: 422,
            );
        }

        $deviceId     = Str::uuid()->toString();
        $accessToken  = $user->createAccessToken($deviceId);
        $refreshToken = $user->createRefreshToken($deviceId);
        $cookieName   = $this->getCookieName($request);

        return $this->successResponse(
            payload: [
                'access_token' => $accessToken,
                'user'         => new UserResource($user),
            ],
            message: __('auth.password_reset_success'),
        )->withCookie(
            cookie(
                $cookieName,
                $refreshToken,
                config('sanctum.rt_expiration') * 60,
                '/',
                config('session.domain'),
                config('session.secure'),
                true,
                false,
                'Lax',
            ),
        );
    }
}