<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Carbon\Carbon;
use App\Models\Pengguna;
use Illuminate\Support\Facades\Hash;

class ResetPasswordViewController extends Controller
{
    // Menampilkan form reset password
    public function showResetForm(Request $request)
    {
        $token = $request->token;
        $email = $request->email;

        // Periksa apakah token valid
        $passwordReset = DB::table('password_resets')
            ->where('email', $email)
            ->first();

        if (!$passwordReset) {
            return view('auth.password.reset', [
                'token' => $token,
                'email' => $email,
                'error' => 'Token tidak valid atau sudah kadaluarsa.'
            ]);
        }

        // Periksa apakah token sudah kadaluarsa (60 menit)
        $expiresAt = Carbon::parse($passwordReset->created_at)->addMinutes(60);
        if (Carbon::now()->isAfter($expiresAt)) {
            return view('auth.password.reset', [
                'token' => $token,
                'email' => $email,
                'error' => 'Token sudah kadaluarsa.'
            ]);
        }

        return view('auth.password.reset', [
            'token' => $token,
            'email' => $email
        ]);
    }

    // Melakukan reset password
    public function reset(Request $request)
    {
        $request->validate([
            'token' => 'required|string',
            'email' => 'required|email',
            'password' => 'required|string|min:8|confirmed',
        ]);

        // Cari token di database
        $passwordReset = DB::table('password_resets')
            ->where('email', $request->email)
            ->first();

        if (!$passwordReset) {
            return back()->withErrors(['email' => 'Token atau email tidak valid']);
        }

        // Verifikasi token
        if (!Hash::check($request->token, $passwordReset->token)) {
            return back()->withErrors(['email' => 'Token tidak valid']);
        }

        // Periksa apakah token sudah kadaluarsa (60 menit)
        $expiresAt = Carbon::parse($passwordReset->created_at)->addMinutes(60);
        if (Carbon::now()->isAfter($expiresAt)) {
            return back()->withErrors(['email' => 'Token sudah kadaluarsa']);
        }

        // Reset password
        $pengguna = Pengguna::where('email', $request->email)->first();
        if ($pengguna) {
            $pengguna->kata_sandi = Hash::make($request->password);
            $pengguna->save();

            // Hapus token setelah digunakan
            DB::table('password_resets')->where('email', $request->email)->delete();

            // Check if request is from WebView (you can add a parameter to detect this)
            if ($request->has('from_app')) {
                return response()->json([
                    'success' => true,
                    'message' => 'Password berhasil direset.'
                ]);
            }

            // Regular web view success
            return view('auth.password.reset_success');
        }

        if ($request->has('from_app')) {
            return response()->json([
                'success' => false,
                'message' => 'Email tidak ditemukan'
            ], 400);
        }

        return back()->withErrors(['email' => 'Email tidak ditemukan']);
    }
}