<?php

namespace App\Filters;

use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use CodeIgniter\Filters\FilterInterface;
use Config\Services;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;

class AuthFilter implements FilterInterface
{
    public function before(RequestInterface $request, $arguments = null)
    {
        $key   = getenv('JWT_SECRET');
        $token = $request->getCookie('token'); // ambil dari cookie

        // Kalau tidak ada token
        if (!$token) {
            return Services::response()
                ->setStatusCode(401)
                ->setJSON([
                    'status'  => 'failed',
                    'message' => 'Unauthorized: Token not found'
                ]);
        }

        try {
            // Decode JWT : jika error maka akan mentrigger catch
            $decoded = JWT::decode($token, new Key($key, 'HS256'));

            file_put_contents(WRITEPATH . 'logs/tokens.log', date('Y-m-d H:i:s') . ' - ' . $token . PHP_EOL, FILE_APPEND);
            
            // Kalau mau, bisa inject user info ke request
            // $request->userData = $decoded;

        } catch (\Exception $e) {
            return Services::response()
                ->setStatusCode(401)
                ->setJSON([
                    'status'  => 'failed',
                    'message' => 'Unauthorized: ' . $e->getMessage()
                ]);
        }
    }

    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
    {
        // Tidak perlu apa-apa
    }
}