<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;

class DirectPasswordResetController extends Controller
{
    // Langkah 1: Tampil form input email
    public function showEmailForm()
    {
        return view('auth.forgot-password');
    }

    // Langkah 2: Cek email, kalau ada redirect ke form ganti password
    public function checkEmail(Request $request)
    {
        $request->validate([
            'email' => ['required', 'email']
        ], [
            'email.required' => 'Email wajib diisi.',
            'email.email'    => 'Format email tidak valid.'
        ]);

        $user = User::where('email', $request->email)->first();

        if (!$user) {
            return back()->withErrors([
                'email' => 'Email tidak ditemukan dalam sistem.'
            ])->withInput();
        }

        // Simpan email ke session, redirect ke form password baru
        session(['reset_email' => $request->email]);
        return redirect()->route('password.direct.form');
    }

    // Langkah 3: Tampil form password baru
    public function showResetForm()
    {
        if (!session('reset_email')) {
            return redirect()->route('password.request')
                ->withErrors(['email' => 'Sesi tidak valid, silakan ulangi.']);
        }
        return view('auth.reset-password-direct');
    }

    // Langkah 4: Simpan password baru
    public function resetPassword(Request $request)
    {
        $request->validate([
            'password' => ['required', 'confirmed', 'min:8']
        ], [
            'password.required'  => 'Password wajib diisi.',
            'password.confirmed' => 'Konfirmasi password tidak cocok.',
            'password.min'       => 'Password minimal 8 karakter.'
        ]);

        $email = session('reset_email');

        if (!$email) {
            return redirect()->route('password.request')
                ->withErrors(['email' => 'Sesi tidak valid, silakan ulangi.']);
        }

        $user = User::where('email', $email)->first();

        if (!$user) {
            return redirect()->route('password.request')
                ->withErrors(['email' => 'User tidak ditemukan.']);
        }

        $user->password = Hash::make($request->password);
        $user->save();

        // Hapus session
        session()->forget('reset_email');

        return redirect()->route('login')
            ->with('status', 'Password berhasil diubah! Silakan masuk dengan password baru.');
    }
}