<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Services\Security\CaptchaVerifier;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\View\View;

class AuthenticatedSessionController extends Controller
{
    /**
     * Display the login view.
     */
    public function __construct(
        private readonly CaptchaVerifier $captchaVerifier,
    ) {
    }

    public function create(): View
    {
        return view('auth.login', [
            'requiresCaptcha' => session('bot_captcha_required', false),
            'captcha' => $this->captchaVerifier->frontendConfig(),
        ]);
    }

    /**
     * Handle an incoming authentication request.
     */
    public function store(LoginRequest $request): RedirectResponse
    {
        $request->authenticate();

        $request->session()->regenerate();

        $user = $request->authenticatedUser();
        if ($user && $request->authenticatedViaUsername() && ! $user->hasCompletedOnboarding()) {
            $request->session()->put('username_login_upgrade', true);

            return redirect()->route('setup.email.create')
                ->with('status', 'Add and verify your email address to continue setup.');
        }

        $request->session()->forget('username_login_upgrade');

        return redirect()->intended(route('dashboard'));
    }

    /**
     * Destroy an authenticated session.
     */
    public function destroy(Request $request): RedirectResponse
    {
        Auth::guard('web')->logout();

        $request->session()->invalidate();

        $request->session()->regenerateToken();

        return redirect('/');
    }
}