<?php

namespace App\Http\Controllers;

use App\Models\AdminPermission;
use App\Models\AdminUser;
use App\Services\CaptchaService;
use Illuminate\Contracts\Cache\Repository as Cache;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;

class AuthController extends Controller
{
    public function __construct(
        protected Cache $cache,
    ) {
    }

    public function login(Request $request, CaptchaService $captchaService)
    {
        $request->validate([
            'username' => 'required',
            'password' => 'required',
            // 'captcha_key' => 'required',
            // 'captcha_value' => 'required',
        ]);

        // if (! $captchaService->testPhrase($request->input('captcha_key'), $request->input('captcha_value'))) {
        //     return $this->error('验证码错误');
        // }

        $username = $request->input('username');

        $user = AdminUser::where(['username' => $username])->first();

        $cacheKey = "admin_user_ban:{$username}";

        if ($user?->banned_at) {
            if ($user->banned_at->addMinutes(5)->gte(now())) {
                return $this->error('账号已封禁，请联系管理员');
            }

            $this->cache->forget($cacheKey);
        }

        if (! Hash::check($request->input('password'), (string) $user?->password)) {
            $this->cache->add($cacheKey, 0, 86400);

            $hits = $this->cache->increment($cacheKey, 1);

            if ($hits >= 3) {
                if ($user) {
                    // 锁定账号
                    $user->update([
                        'banned_reason' => '24小时内密码连续错误3次',
                        'banned_at' => now(),
                    ]);

                    // 清空登录失败尝试次数
                    $this->cache->forget($cacheKey);
                }

                if ($hits > 3) {
                    return $this->error('账号已封禁，请联系管理员');
                }
            }

            return $this->error('用户名或密码错误');
        }

        // 清空登录失败尝试次数
        $this->cache->forget($cacheKey);

        if ($user->is_enable !== 1) {
            return $this->error('用户状态异常请联系管理员');
        }

        return $this->attemptUser($user);
    }

    protected function attemptUser(AdminUser $user, $name = 'api')
    {
        $token = $user->createToken($name)->plainTextToken;

        $permissionsQuery = AdminPermission::query();
        if($user->id != 1){
            $permissions = $permissionsQuery->whereIn('id', $user->permissionIds());
        }
        $permissions = $permissionsQuery->pluck('slug')->toArray();

        return $this->json(['token' => $token, 'info' => $user, 'permissions' => $user->permissionIds(), 'permissions_slug'=>$permissions]);
    }
}