<?php
/*
 * Copyright (c) 2022. Micha Espey <tracer@24unix.net>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 */

namespace App\Controller;

use App\Entity\User;
use App\Repository\UserRepository;
use App\Service\Router;
use App\Service\Template;

class SecurityController
{
    public function __construct(
        private readonly Template       $template,
        private readonly UserRepository $userRepository,
        private readonly Router         $router
    )
    {

    }

    public function login(): never
    {
        if (!empty($_POST)) {
            $nick     = $_POST['nick'] ?? '';
            $password = $_POST['password'] ?? '';

            if ($nick && $password) {
                $nick = strtolower(string: $nick);
                if ($user = $this->userRepository->findbyNick(nick: $nick)) {
                    if (password_verify(password: $password, hash: $user->getPassword())) {
                        $_SESSION['user_id'] = $user->getId();
                        header(header: 'Location: /');
                        exit(0);
                    } else {
                        $message = "Wrong credentials.";
                    }
                } else {
                    $message = "User not found.";
                }
            } else {
                $message = 'You need to enter your credentials.';
            }
        }

        $this->template->render(templateName: 'security/login.html.php', vars: [
            'user' => $user ?? new User(),
            'message' => $message ?? '',
            'router' => $this->router
        ]);
    }

    function logout(): void
    {
        session_unset();
        header(header: 'Location: /');
    }

}