<?php
session_start();

require_once 'db/config.php';

function on_successful_login($user) {
    session_regenerate_id();
    $_SESSION['user_id'] = $user['id'];
    $_SESSION['role_id'] = $user['role_id'];
    $_SESSION['role_name'] = $user['role_name'];
}

function remember_me($user_id) {
    $pdo = db();
    $token = bin2hex(random_bytes(16));
    $hashed_token = hash('sha256', $token);

    $stmt = $pdo->prepare("UPDATE users SET remember_token = ? WHERE id = ?");
    $stmt->execute([$hashed_token, $user_id]);

    $cookie_value = base64_encode(json_encode(['user_id' => $user_id, 'token' => $token]));
    // Set cookie for 30 days
    setcookie('remember_me', $cookie_value, time() + (86400 * 30), "/", "", true, true);
}

function login_via_cookie() {
    if (isset($_COOKIE['remember_me'])) {
        $cookie_data = json_decode(base64_decode($_COOKIE['remember_me']), true);
        if (isset($cookie_data['user_id']) && isset($cookie_data['token'])) {
            $user_id = $cookie_data['user_id'];
            $token = $cookie_data['token'];

            $pdo = db();
            $stmt = $pdo->prepare("SELECT u.id, u.password_hash, u.role_id, r.role_name, u.remember_token FROM users u JOIN roles r ON u.role_id = r.id WHERE u.id = ?");
            $stmt->execute([$user_id]);
            $user = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($user && hash_equals($user['remember_token'], hash('sha256', $token))) {
                on_successful_login($user);
                // For added security, regenerate the token
                remember_me($user_id);
                return true;
            }
        }
    }
    return false;
}

function is_logged_in() {
    if (isset($_SESSION['user_id'])) {
        return true;
    }
    return login_via_cookie();
}

function require_login() {
    if (!is_logged_in()) {
        header('Location: login.php');
        exit();
    }
}

function current_user_id() {
    return $_SESSION['user_id'] ?? null;
}

function is_admin() {
    if (!is_logged_in() || !isset($_SESSION['role_id'])) {
        return false;
    }
    return (int)$_SESSION['role_id'] === 1;
}

function register_user($username, $email, $password) {
    $pdo = db();
    $password_hash = password_hash($password, PASSWORD_DEFAULT);
    
    try {
        $stmt = $pdo->prepare("INSERT INTO users (username, email, password_hash, role_id) VALUES (?, ?, ?, 2)");
        return $stmt->execute([$username, $email, $password_hash]);
    } catch (PDOException $e) {
        // Handle duplicate entry
        return false;
    }
}

function login_user($email, $password, $remember = false) {
    $pdo = db();
    $stmt = $pdo->prepare("SELECT u.id, u.password_hash, u.role_id, r.role_name FROM users u JOIN roles r ON u.role_id = r.id WHERE u.email = ?");
    $stmt->execute([$email]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($user && password_verify($password, $user['password_hash'])) {
        on_successful_login($user);
        if ($remember) {
            remember_me($user['id']);
        }
        return true;
    }
    return false;
}

function logout_user() {
    $pdo = db();
    if (isset($_SESSION['user_id'])) {
        $stmt = $pdo->prepare("UPDATE users SET remember_token = NULL WHERE id = ?");
        $stmt->execute([$_SESSION['user_id']]);
    }
    
    if (isset($_COOKIE['remember_me'])) {
        unset($_COOKIE['remember_me']);
        setcookie('remember_me', '', time() - 3600, '/');
    }

    session_unset();
    session_destroy();
}