<?php

namespace kernel\modules\secure\controllers;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use JetBrains\PhpStorm\NoReturn;
use kernel\helpers\Debug;
use kernel\modules\user\models\User;
use kernel\Request;
use kernel\RestController;

class SecureRestController extends RestController
{
    public function __construct()
    {
        $this->model = new User();
    }

    #[NoReturn] public function actionAuth(): void
    {
        $request = new Request();
        $data = $request->post();
        $model = $this->model->where('username', $data['username'])->first();
        $res = [];
        if ($model) {
            if (password_verify($data["password"], $model->password_hash)) {
                $baseUrl = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
                $baseUrl .= $_SERVER['HTTP_HOST'];
//            $baseUrl .= $_SERVER['REQUEST_URI'];;
                $jwt = JWT::encode(
                    payload: [
                        "iss" => $baseUrl,
                        "aud" => $baseUrl,
                        "iat" => time(),
                        "exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
                    ],
                    key: $model->{'password_hash'},
                    alg: 'HS256'
                );

                $model->{'access_token'} = $jwt;
                $model->{'access_token_expires_at'} =
                    JWT::decode($jwt, new Key($model->{'password_hash'}, 'HS256'))->exp;

                $res = [
                    "access_token" => $model->{'access_token'},
                    "access_token_expires_at" => $model->{'access_token_expires_at'},
                ];
            }
            $model->save();
        }
        
        $this->renderApi($res);

    }
}