<?php

namespace App\Controller\Auth;

use App\Event\Account\PasswordRequestEvent;
use App\Manager\EntityManager;
use App\Repository\UserRepository;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use ZxcvbnPhp\Zxcvbn;

class AuthController extends AbstractController
{
    /**
     * @Route("/login", name="auth_login")
     */
    public function login(AuthenticationUtils $authenticationUtils): Response
    {
        if ($this->getUser()) {
            return $this->redirectToRoute('admin_dashboard_index');
        }

        $error = $authenticationUtils->getLastAuthenticationError();
        $lastUsername = $authenticationUtils->getLastUsername();

        return $this->render('auth/login.html.twig', [
            'last_username' => $lastUsername,
            'error' => $error,
        ]);
    }

    /**
     * @Route("/resetting/request", name="auth_resetting_request")
     */
    public function requestResetting(
        Request $request,
        UserRepository $repository,
        TokenGeneratorInterface $tokenGenerator,
        EntityManager $entityManager,
        EventDispatcherInterface $eventDispatcher
    ): Response {
        if ($this->getUser()) {
            return $this->redirectToRoute('admin_dashboard_index');
        }

        $emailSent = false;

        if ($request->isMethod('POST')) {
            $csrfToken = $request->request->get('_csrf_token');

            if ($this->isCsrfTokenValid('resetting_request', $csrfToken)) {
                $username = trim((string) $request->request->get('username'));

                if ($username) {
                    $account = $repository->findOneByEmail($username);

                    if ($account) {
                        $passwordRequestedAt = $account->getPasswordRequestedAt();

                        if (null !== $passwordRequestedAt && $passwordRequestedAt->getTimestamp() > (time() - 3600 / 2)) {
                            $emailSent = true;
                        }

                        if (!$emailSent) {
                            $account->setConfirmationToken($tokenGenerator->generateToken());
                            $account->setPasswordRequestedAt(new \DateTime('now'));

                            $entityManager->update($account);
                            $eventDispatcher->dispatch(new PasswordRequestEvent($account), PasswordRequestEvent::EVENT);

                            $emailSent = true;
                        }
                    }
                }
            }
        }

        return $this->render('auth/resetting_request.html.twig', [
            'email_sent' => $emailSent,
        ]);
    }

    /**
     * @Route("/resetting/update/{token}", name="auth_resetting_update")
     */
    public function requestUpdate(
        string $token,
        Request $request,
        UserRepository $repository,
        TokenGeneratorInterface $tokenGenerator,
        UserPasswordEncoderInterface $encoder,
        EntityManager $entityManager
    ): Response {
        if ($this->getUser()) {
            return $this->redirectToRoute('admin_dashboard_index');
        }

        $account = $repository->findOneByConfirmationToken($token);
        $passwordUpdated = false;
        $expired = false;

        if ($account) {
            $passwordRequestedAt = $account->getPasswordRequestedAt();

            if (null !== $passwordRequestedAt && $passwordRequestedAt->getTimestamp() < (time() - 3600 * 2)) {
                $expired = true;
            }
        } else {
            $expired = true;
        }

        if ($request->isMethod('POST') && !$expired) {
            $csrfToken = $request->request->get('_csrf_token');

            if ($this->isCsrfTokenValid('resetting_update', $csrfToken)) {
                $password = $request->request->get('password');
                $password2 = $request->request->get('password2');

                $zxcvbn = new Zxcvbn();
                $strength = $zxcvbn->passwordStrength($password, []);

                if (4 === $strength['score'] && $password === $password2) {
                    $account
                        ->setPassword($encoder->encodePassword(
                            $account,
                            $password
                        ))
                        ->setConfirmationToken($tokenGenerator->generateToken())
                        ->setPasswordRequestedAt(new \DateTime('now'))
                    ;

                    $entityManager->update($account);

                    $passwordUpdated = true;
                }
            }
        }

        return $this->render('auth/resetting_update.html.twig', [
            'password_updated' => $passwordUpdated,
            'token' => $token,
            'expired' => $expired,
        ]);
    }

    /**
     * @Route("/logout", name="auth_logout")
     */
    public function logout()
    {
        throw new \Exception('This method can be blank - it will be intercepted by the logout key on your firewall');
    }
}