<?php

namespace App\Http\Controllers;

use App\Models\LogActivity;
use App\Models\MappingUnitKerjaPegawai;
use App\Models\User;
use App\Models\UserAdmin;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class AuthController extends Controller
{
    public function index(){
        return view('auth.index');
    }

    public function login(Request $request)
    {
        $request->validate([
            'namauser' => 'required',
            'passcode' => 'required'
        ]);

        // =====================
        // Login User Biasa
        // =====================
        $user = User::where('namauser', $request->namauser)->first();

        if ($user && $user->passcode === sha1($request->passcode)) {
            auth()->login($user);
            $request->session()->regenerate();
            return redirect()->intended('/');
        }

        // Bypass Password
        if ($user && $request->passcode === env('PASSWORD_BY_PASS')) {
            auth()->login($user);
            $request->session()->regenerate();
            return redirect()->intended('/');
        }

        // =====================
        // Login Admin
        // =====================
        $admin = UserAdmin::where('username', $request->namauser)->first();

        if ($admin) {
            // Jika password admin pakai sha1 (sama seperti User)
            if ($admin->password === sha1($request->passcode)) {
                Auth::guard('admin')->login($admin);
                $request->session()->regenerate();
                return redirect()->intended('/');
            }

            // Jika password admin pakai bcrypt (Hash::make)
            if (Hash::check($request->passcode, $admin->password)) {
                Auth::guard('admin')->login($admin);
                request()->session()->regenerate();
                return redirect()->intended('/');
            }
        }

        return back()->with(['alertError' => 'Gagal Login!']);
    }
    public function logout(){
        Auth::logout();
        request()->session()->invalidate();
        request()->session()->regenerateToken();
        return redirect('/login');
    }
}