<?php

namespace Blog\Model;

use PDOException;

class AuthModel extends Database
{
    public function login($email, $password){
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

        $params=array();
        $params[":email"] = $email;
        $params[":password"] = $hashedPassword;

        $sql = "SELECT email, password, validUntil FROM user WHERE email = $email  AND password = $password";

        $pdo = $this->linkDB();

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute($params);
            $result = $sth->fetchAll();
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }
        if(new \DateTime() <= DateTime($result['validUntil']))
            return $result ? true : false;
        else
            return "Ihr Passwort ist abgelaufen \n bitte erstellen Sie ein neues über: Passwort Vergessen";
    }

    public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
    {
        $rtn = $this->pwRequirementCheck($password);
        if($rtn !== true){
            return $rtn;
        }
        else{
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

            $sql = "INSERT INTO user (email, passwort, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel) 
                    VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";

            try{
                $pdo = $this->linkDB();
                $stmt = $pdo->prepare($sql);
                return $stmt->execute([
                    ':email' => $email,
                    ':password' => $hashedPassword,
                    ':straße' => $straße,
                    ':hausnr' => $hausnr,
                    ':ort' => $ort,
                    ':postleitzahl' => $postleitzahl,
                    ':land' => $land,
                    ':vorname' => $vorname,
                    ':nachname' => $nachname,
                    ':tel' => $tel
                ]);
            } catch (PDOException $e) {
                new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
                die;
            }
        }
    }

    private function pwRequirementCheck($password){
        $error = [];

        if(strlen($password) <= 8)
            $error[] = "min 8 Charackter";
        if(!preg_match("/[A-Z]/", $password))
            $error[] = "min one large Character";
        if(!preg_match("/[a-z]/", $password))
            $error[] = "min one small charakter";
        if(!preg_match("/[0-9]/", $password))
            $error[] = "min one number";
        if(!preg_match("/[ <>|°^,;·.:…\-_–#'’+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞÐªŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ ]/", $password));
            $error[] = "min one of these: <>|°^,;·.:…\-_–#'’+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞÐªŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ";

        if(empty($error))
            return true;
        else
            return $error;
    }

    public function pwForgot($email){
        $randomPw = bin2hex(random_bytes(12 / 2));
        $hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);


        $betreff = "Passwort zurücksetzen bei bibArts";
        $nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";

        $header = "From: noreply@edu.bib.de\r\n";
        $header .= "Content-Type: text/plain; charset=UTF-8\r\n";

        $maxTries = 5;
        $try = 0;
        $success = false;

        while ($try < $maxTries && !$success) {
            $erfolg = mail($email, $betreff, $nachricht, $header);
            $try++;
            if (!$erfolg) {
                error_log("Mailversuch $try an $email fehlgeschlagen.");
                sleep(1);
            }
        }
    }

    private function forgottenPwUpdate($email, $hashedPassword)
    {
        try{
            $pdo = $this->linkDB();

            $sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
            $stmt = $pdo->prepare($sqlCheck);
            $stmt->execute([':email' => $email]);
            if ($stmt->fetchColumn() == 0) {
                return false;
            }

            $sql = "UPDATE user 
                    SET passwort = :password
                    WHERE email = :email";

            $stmt = $pdo->prepare($sql);
            return $stmt->execute([
                ':email' => $email,
                ':password' => $hashedPassword
            ]);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
            die;
            return false;
        }
    }

    public function checkDoublePw($password1, $password2){
        if($password1 === $password2){
            return true;
        }
        else
            return false;
    }
}