<?php

namespace App\Http\Controllers\Admin;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

use function auditionLog;

class ImpersonationController extends Controller
{
    public function start(Request $request)
    {
        $user = User::findOrFail($request->user_id);
        $admin = $request->user();

        if (! $admin->can('impersonate', $user)) {
            abort(403);
        }

        // Prevent impersonating yourself or impersonating if already impersonating
        if ($admin->id === $user->id || session()->has('impersonator_id')) {
            return back()->with('error', 'Cannot impersonate.');
        }

        // Save the original admin id and optionally guard
        session()->put('impersonator_id', $admin->id);
        session()->put('impersonator_started_at', now()->toDateTimeString());

        auditionLog('Started impersonating '.$user->full_name().' - '.$user->email, ['users' => [$user->id]]);

        // Switch user
        Auth::loginUsingId($user->getAuthIdentifier());

        // Regenerate session to mitigate fixation
        $request->session()->regenerate();

        return redirect(route('dashboard'))->with('success', 'Now impersonating '.$user->email);
    }

    public function stop(Request $request)
    {
        $impersonatedUser = Auth::user();
        $impersonatorId = session('impersonator_id');
        if (! $impersonatorId) {
            return back()->with('error', 'Not impersonating.');
        }

        // Restore original admin
        $admin = User::find($impersonatorId);
        if ($admin) {
            Auth::loginUsingId($admin->getAuthIdentifier());
        } else {
            // If admin was deleted, just log out
            Auth::logout();
        }

        auditionLog('Stopped impersonating '.$impersonatedUser->full_name().' - '.$impersonatedUser->email, ['users' => [$impersonatedUser->id]]);

        // Clear impersonation data
        session()->forget(['impersonator_id', 'impersonator_started_at']);

        // Regenerate session
        $request->session()->regenerate();

        return redirect(route('dashboard'))->with('success', 'Stopped impersonation.');
    }

    public function index()
    {

        $users = User::where('id', '!=', auth()->id())->get();

        return view('admin.impersonation.index', compact('users'));
    }
}