<?php

namespace Controllers;

use Firebase\JWT\JWT;
use Libs\ResponseLib;
use Models\UserModel;
use Psr\Http\Message\ServerRequestInterface;

class LoginController
{
    public function __invoke(ServerRequestInterface $request)
    {
        $body = json_decode((string) $request->getBody(), true) ?: [];
        $email = $body['email'] ?? $body['user_email'] ?? '';
        $password = $body['password'] ?? '';

        if (empty($email) || empty($password)) {
            return ResponseLib::sendFail("Missing email or password", [], "E_VALIDATE")->withStatus(400);
        }

        $userModel = new UserModel();
        $user = $userModel->validateLogin($email, $password);

        if (!$user) {
            return ResponseLib::sendFail("Invalid credentials", [], "E_VALIDATE")->withStatus(401);
        }

        $payload = [
            'sub' => $user['user_id'],
            'email' => $user['user_email'],
            'company_id' => $user['company_id'],
            'role' => $user['user_role'],
            'iat' => time(),
            'exp' => time() + 3600
        ];
        $jwt = JWT::encode($payload, $_ENV['JWT_SECRET'], 'HS256');

        return ResponseLib::sendOk([
            'token' => $jwt,
            'user' => $user,
        ]);
    }
}