<?php

namespace App\Http\Controllers;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;

class LoginController extends Controller
{
    public function __construct()
    {
        $this->middleware('guest')->except("logout");
        parent::__construct();
    }

    public function index()
    {
        return view('login');
    }

    public function login(Request $request)
    {
        $maxAttempts = 10;
        $decayMinutes = 60;

        $credentials = $request->validate([
            'email' => 'required|email',
            'password' => 'required',
        ], [
            'email.required' => 'Please enter your email.',
            'email.email' => 'Invalid email format.',
            'password.required' => 'Please enter your password.',
        ]);

        $email = $request['email'];

        $attempts = Cache::get('login_attempts_' . $email, 0);
        if ($attempts >= $maxAttempts) {
            return back()->withErrors(['error' => 'Too many login attempts. Please try again later in 1 minute.']);
        }

        $remember = $request->filled('remember');

        if (Auth::attempt($credentials, $remember)) {
            Cache::forget('login_attempts_' . $email);
            $request->session()->regenerate();
            return redirect()->route('admin.login')
                ->withSuccess('You have successfully logged in!');
        }

        $attempts = Cache::get('login_attempts_' . $email, 0);
        $attempts++;
        Cache::put('login_attempts_' . $email, $attempts, $decayMinutes);
        if ($attempts >= $maxAttempts) {
            return back()->withErrors(['error' => 'Too many login attempts. Please try again later in 1 minute.']);
        }

        return back()
            ->withInput($request->only('email', 'remember'))
            ->withErrors([
                'error' => 'Email atau password anda salah',
            ]);
    }

    public function logout(Request $request)
    {
        Auth::logout();
        $request->session()->invalidate();
        $request->session()->regenerateToken();
        return redirect()->route('admin.login')->withSuccess('You have logged out successfully!');
    }
}