<?php


namespace App\Http\Controllers\Admin;

use App\Helpers\ApiResponse;
use App\Helpers\ResponseCode;
use App\Helpers\StarterResponseCode;
use App\Http\Controllers\Controller;
use App\Models\Admin;
use App\Models\OperateLog;
use App\Models\Permission;
use App\Models\RoleHasPermission;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;

class AuthController extends Controller
{
    use ApiResponse;

    public $guard = "admin";

    /**
     * Create a new AuthController instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('sanctum.jwt:admin', ['except' => ['login']]);
    }

    /**
     * Create a new AuthController instance.
     *
     * @return void
     */

    public function guard()
    {
        return auth()->guard($this->guard);
    }

    /**
     * @OA\Post(
     *     path="/api/admin/auth/login",
     *     tags={"后台管理"},
     *     summary="用户名密码登录",
     *     description="",
     *     @OA\Parameter(name="username", in="query", @OA\Schema(type="string"), required=true, description="用户名"),
     *     @OA\Parameter(name="password", in="query", @OA\Schema(type="string"), required=true, description="密码"),
     *     @OA\Response(
     *      response="200",
     *      description="用户名密码登录"
     *     )
     * )
     */
    public function login()
    {
        $all = \request()->all();
        $messages = [
            'username.required' => '用户名必填',
            'password.required' => '密码必填',
        ];
        $validator = Validator::make($all, [
            'username' => 'required',
            'password' => 'required',
        ], $messages);
        if ($validator->fails()) {
            return $this->fail([StarterResponseCode::START_ERROR_PARAMETER, implode(',', $validator->errors()->all())]);
        }
        $admin = Admin::where('username', $all['username'])->first();
        if (!$admin || !Hash::check($all['password'], $admin->password)) {
            return $this->fail([ResponseCode::ERROR_PARAMETER, '账号密码不正确']);
        }
        $token = $admin->createToken("token")->plainTextToken;
        // 加日志
        OperateLog::addLogs($admin, "用户[{$admin->name}]登陆成功");
        return $this->respondWithToken($token);
    }

    /**
     * @OA\Post(
     *     path="/api/admin/auth/me",
     *     tags={"后台管理"},
     *     summary="获取用户基本信息",
     *     description="",
     *     @OA\Parameter(name="token", in="query", @OA\Schema(type="string"), required=true, description="token"),
     *     @OA\Response(
     *      response="200",
     *      description="获取用户基本信息"
     *     )
     * )
     */
    public function me()
    {
        $user = Admin::with('department', 'role')->find($this->guard()->user()->id);
        return $this->success($user);
    }

    /**
     * @OA\Post(
     *     path="/api/admin/auth/logout",
     *     tags={"后台管理"},
     *     summary="退出登录",
     *     description="",
     *     @OA\Parameter(name="token", in="query", @OA\Schema(type="string"), required=true, description="token"),
     *     @OA\Response(
     *      response="200",
     *      description="退出登录"
     *     )
     * )
     */
    public function logout()
    {
        $user = $this->guard()->user();
        $user->tokens()->delete();
        $this->guard()->logout();
        // 加日志
        OperateLog::addLogs($user, "用户[$user->name]退出登陆");
        return $this->success(["msg" => "登出成功"]);
    }

    /**
     * @OA\Get(
     *     path="/api/admin/auth/permissions",
     *     tags={"后台管理"},
     *     summary="获取权限菜单",
     *     description="",
     *     @OA\Parameter(name="token", in="query", @OA\Schema(type="string"), required=true, description="token"),
     *     @OA\Response(
     *      response="200",
     *      description="获取权限菜单"
     *     )
     * )
     */
    public function getPermissions()
    {
        $admin = $this->guard()->user();
        $admin_permissions = $admin->getAllPermissions();
        $all_permissions = (new Permission())->get()->toArray();

        $permission_has_url_ids = $admin_permissions->filter(function ($item) {
            return $item->url && $item->visible ? true : false;
        })->pluck("id")->toArray();

        foreach ($admin_permissions as $admin_permission) {
            $pids = get_pid($all_permissions, $admin_permission->id, "pid", $permission_has_url_ids);
            foreach ($pids as $pid) {
                if (in_array($pid, $permission_has_url_ids)) continue;
                $permission_has_url_ids[] = $pid;
            }
        }

        $admin_permissions = new Permission();
        $admin_permissions = $admin_permissions->whereIn("id", $permission_has_url_ids);
        $admin_permissions = $admin_permissions->orderBy("sortnumber")->get();
        $admin_permissions = $admin_permissions->toArray();

        $roleIds = $this->guard()->user()->roles->pluck('id')->toArray();
        foreach ($admin_permissions as &$item) {
            $item['has_auth_node_tags'] = [];
            $has_auth_node_tags = RoleHasPermission::whereIn('role_id', $roleIds)
                ->where('permission_id', $item['id'])
                ->get()->implode('auth_node_tags', ',');
            if ($has_auth_node_tags) {
                $item['has_auth_node_tags'] = array_filter(array_unique(explode(',', $has_auth_node_tags)));
            }
        }
        $admin_permissions = array2tree($admin_permissions);
        return response()->json($admin_permissions);
    }

    /**
     * Get the token array structure.
     *
     * @param string $token
     *
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token)
    {
        $ttl = config("sanctum.expiration");
        if ($ttl) {
            $expires_in = $ttl * 60;
        } else {
            $expires_in = null;
        }
        return $this->success([
            'access_token' => $token,
            'token_type' => 'bearer',
            'expires_in' => $expires_in
        ]);
    }
}