<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use Slowlyo\OwlAdmin\Models\AdminUser;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;

class AuthController extends Controller
{
    public function login(Request $request)
    {
        $request->validate([
            'username' => 'required',
            'password' => 'required',
        ]);

        $user = AdminUser::where(['username' => $request->input('username')])->first();
        if (! $user) {
            return $this->error('用户名或密码错误');
        }
        if($user->lock){
            return $this->error('您的账号已被锁定，需要联系超级管理员解锁。');
        }
        if (! Hash::check($request->input('password'), $user->password)) {
            if($user->last_error_at &&  $user->last_error_at> now()->subHours(24)){
                $user->increment('error_num');
            }else{
                $user->update([
                    'error_num'=>1,
                ]);
            }

            $user->update([
                'last_error_at' => now()
            ]);
            if($user->error_num >= 3){
                $user->update([
                    'lock' => 1
                ]);
                return $this->error('您24小时连续输错密码3次，账号已锁定，需要联系超级管理员解锁。');
            }else{
                return $this->error('用户名或密码错误');
            }
        }

        // if ($user->is_enable !== 1) {
        //     return $this->error('用户状态异常请联系管理员');
        // }

        $user->update([
            'error_num'=>0,
            'last_error_at' => null
        ]);

        return $this->attemptUser($user);
    }

    protected function attemptUser(AdminUser $user, $name = 'api')
    {
        $token = $user->createToken($name)->plainTextToken;

        return $this->json(['token' => $token]);
    }
}