<?php
namespace app\admin\controller;

use support\Request;
use app\common\model\AdminUser;
use app\common\service\AuthService;

class AuthController
{
    public function login(Request $request)
    {
        $username = trim((string)$request->post('username', ''));
        $password = (string)$request->post('password', '');
        if ($username === '' || $password === '') {
            return jsonResponse(null, '参数错误', 400);
        }

        $admin = AdminUser::where('username', $username)->first();
        if (!$admin) {
            return jsonResponse(null, '账号或密码错误', 401);
        }
        if (intval($admin->status) !== 1) {
            return jsonResponse(null, '账号已禁用', 403);
        }
        if (!password_verify($password, $admin->password_hash)) {
            return jsonResponse(null, '账号或密码错误', 401);
        }

        $token = AuthService::issueAdminToken($admin);
        return jsonResponse([
            'token' => $token,
            'admin' => $admin
        ], '登录成功');
    }

    public function me(Request $request)
    {
        $admin = $request->admin;
        $permissions = [];
        if (intval($admin->is_super) === 1) {
            $permissions = ['*'];
        } else {
            $admin->loadMissing(['roles.permissions']);
            $map = [];
            foreach ($admin->roles as $role) {
                foreach ($role->permissions as $permission) {
                    $map[$permission->code] = true;
                }
            }
            $permissions = array_keys($map);
        }
        return jsonResponse([
            'admin' => $admin,
            'permissions' => $permissions
        ]);
    }

    public function logout(Request $request)
    {
        AuthService::revokeAdminToken($request->token ?? null);
        return jsonResponse(null, '已退出登录');
    }
}