<?php

namespace Controllers;

use Firebase\JWT\JWT;
use Libs\ResponseLib;
use Models\UserModel;
use Psr\Http\Message\ServerRequestInterface;

class LoginController
{
    public function __invoke(ServerRequestInterface $request)
    {
        $body = json_decode((string) $request->getBody(), true);
        $username = $body['username'] ?? '';
        $password = $body['password'] ?? '';

        if (empty($username) || empty($password)) {
            return ResponseLib::sendFail("Missing username or password", [], "E_VALIDATE")->withStatus(401);
        }

        $userModel = new UserModel();
        $user = $userModel->validateLogin($username, $password);

        if (!$user) {
            return ResponseLib::sendFail("Invalid credentials", [], "E_VALIDATE")->withStatus(401);
        }

        // Gera JWT
        $payload = [
            'sub' => $user['user_id'],
            'username' => $user['user_name'],
            'role_id' => $user['role_id'],
            'company_id' => $user['company_id'],
            'iat' => time(),
            'exp' => time() + 3600  // 1 hora
        ];
        $jwt = JWT::encode($payload, $_ENV['JWT_SECRET'], 'HS256');

        return ResponseLib::sendOk(['token' => $jwt, 'user_id' => $user['user_id'], 'role_id' => $user['role_id']]);
    }
}