<?php

namespace App\Controller;

use UnhandledMatchError;

/**
 *
 */
class RequestController
{
	private DomainController $domainController;
	private array $result;
	private String $status;
	private String $message;
	
	/**
	 * @param \App\Controller\DatabaseConnection $databaseConnection
	 * @param String                             $requestMethod
	 * @param array                              $uri
	 */
	public function __construct(private DatabaseConnection $databaseConnection, private String $requestMethod, private array $uri)
	{
		$this->requestMethod = strtoupper($requestMethod);
		$this->domainController = new DomainController($this->databaseConnection);
	}
	
	
	/**
	 * @return void
	 */
	public function processRequest()
	{
		if (empty($this->uri[2]) || $this->uri[2] != 'domains') {
			$this->status = "404 Not Found";
			$this->message = "Endpoint not found.";
		} else {
			if ($this->checkPassword()) {
				try {
					match ($this->requestMethod) {
						'GET' => $this->handleDomainGetRequest(),
						'POST' => $this->handleDomainPostRequest(),
						'PUT' => $this->handleDomainPutRequest(),
						'DELETE' => $this->handleDomainDeleteRequest()
					};
				} catch(UnhandledMatchError) {
						$this->status = "400 Bad Request";
						$this->message = "unknown request method: $this->requestMethod";
				}
			}
		}

		if (!empty($this->result)) {
			echo json_encode($this->result);
		} else {
			echo json_encode([
				'status' => $this->status ?? "Error: No status",
				'message' => $this->message ?? "Error: No message."
			]);
		}
	}
	
	
	/**
	 * @return bool
	 */
	public function checkPassword(): bool
	{
		$headers = array_change_key_case(getallheaders(), CASE_UPPER);
		$apiKey = $headers['X-API-KEY'] ?? "";
		
		if (empty($apiKey)) {
			$this->status = "401 Unauthorized";
			$this->message = "API key is missing.";
			return false;
		} else {
			[$prefix,] = explode('.', $apiKey);
			$apiUsers = new ApiKeys($this->databaseConnection);
			$apiResult = $apiUsers->findByPrefix($prefix);
			$storedHash = $apiResult['api_token'];
			
			if (!password_verify($apiKey, $storedHash)) {
				$this->status = "401 Unauthorized";
				$this->message = "API key mismatch.";
				return false;
			}
		}
		return true;
	}
	
	/**
	 * @return void
	 */
	public function handleDomainGetRequest(): void
	{
		if (empty($this->uri[3])) {
			$this->result = $this->domainController->findAll();
		} else {
			if ($result = $this->domainController->findByID(intval($this->uri[3]))) {
				$this->result = $result;
			} else {
				$this->status = "404 Not Found ";
				$this->message = "The specified domain was not found.";
			}
		}
	}
	
	
	/**
	 * @return void
	 */
	public function handleDomainPostRequest(): void
	{
		$name = $_POST['name'] ?? '';
		$a = $_POST['a'] ?? '';
		$aaaa = $_POST['aaaa'] ?? '';
		if (empty($name)) {
			$this->status = "400 Bad Request";
			$this->message = "A name is required";
		} else {
			if (empty($a) && empty($aaaa)) {
				$this->status = "400 Bad Request";
				$this->message = "At least one IP address is required.";
			} else {
				if ($this->domainController->findByName($name)) {
					$this->status = "400 Bad request";
					$this->message = "Domain: $name already exists.";
				} else {
					$result = $this->domainController->insert($name, $a, $aaaa);
					$this->status = "201 Created";
					$this->message = $result;
				}
			}
		}
	}
	
	
	/**
	 * @return void
	 */
	public function handleDomainPutRequest(): void
	{
		$putData = fopen(filename: 'php://input', mode: 'r');
		$data = fread($putData, 512);
		$params = explode('&', $data);
		
		foreach ($params as $param) {
			[$key, $value] = explode('=', $param);
			$put[$key] = $value;
		}
		$id = $put['id'] ?? 0;
		$name = $put['name'] ?? "";
		$a = $put['a'] ?? "";
		$aaaa = $put['aaaa'] ?? "";
		
		if ($id == 0) {
			$this->status = "400 Bad Request";
			$this->message = "An ID is required";
		} else {
			if (!$this->domainController->findByID($id)) {
				$this->status = "404 Not Found";
				$this->message = "Domain with ID : $id doesn't exist.";
			} else {
				// TODO not required, as we rely on the ID
				if (empty($name)) {
					$this->status = "400 Bad Request";
					$this->message = "A name is required";
				} else {
					if (empty($a) && empty($aaaa)) {
						$this->status = "400 Bad Request";
						$this->message = "At least one IP address is required.";
					} else {
						$dcResult = $this->domainController->update($id, $name, $a, $aaaa);
						$this->status = "201 Updated";
						$this->message = $dcResult;
					}
				}
			}
		}
	}
	
	/**
	 * @return void
	 */
	public function handleDomainDeleteRequest(): void
	{
		$deleteData = fopen(filename: 'php://input', mode: 'r');
		$data = fread($deleteData, length: 512);
		$params = explode(separator: '&', string: $data);
		
		foreach ($params as $param) {
			[$key, $value] = explode(separator: '=', string: $param);
			$delete[$key] = $value;
		}
		
		$id = $delete['id'] ?? 0;
		
		if ($id == 0) {
			$this->status = "404 Bad Request";
			$this->message = "You need to supply an ID.";
		} else {
			if (!$this->domainController->findByID($id)) {
				$this->status = "400 Bad Request";
				$this->message = "There is no domain with ID $id.";
			} else {
				$this->domainController->delete($id);
				$this->status = "204 No content.";
				$this->message = "The domain $id has been deleted.";
			}
		}
	}
	
}