<?php

// rename file to: `config.php`
// @used by User class to login
// - [ ] use to fetch user groups for acl

/**
 * User object:
 * - ID // ADM_ID
 * - ADM_ACCOUNT // AUTHORIZE_USER, ADM_ACCOUNT
 * - ADM_NAME // ADM_NAME
 * - ADM_TECH_WORKER // ADM_TECH_WORKER
 * - ADM_COMPANY // ADM_COMPANY
 * - ADM_ADMIN_LEVEL // ADM_ADMIN_LEVEL
 * - ADM_PHONE // ADM_PHONE
 * - ADM_ADMIN_EXPIRE // ADM_ADMIN_EXPIRE
 * - ADM_ADMIN_DESC // ADM_ADMIN_DESC
 * - EMPLOYEE_TYPE // EMPLOYEE_TYPE
 * - EMAIL_IMAP_IMPORT_HOST // EMAIL_IMAP_IMPORT_HOST
 * - EMAIL_IMAP_IMPORT_USERNAME // EMAIL_IMAP_IMPORT_USERNAME
 */

class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {

	static function login($login, $pass) { // @return User object or null

		if (empty($login) || empty($pass)) throw new Exception("Proszę podać login i hasło!");

		// { // TODO: TEST
		// 	$login = "krzys.dworski@gmail.com"; // COMPANIES.user_mail_contact
		// 	$pass = "76022801989"; // COMPANIES.P_PESEL or COMPANIES.PASSWD varchar(100) --- table PANEL_KLIENTA_BN_AUTH
		// }

		$item = self::fetchUser($login);
		if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
			throw new Exception("Proszę użyć funkcji przypomnienia hasła");
		}

		if (md5($pass) !== $item['PASSWD']) {
			throw new Exception("Proszę podać poprawny login i hasło!");
		}

		return (object)[
			'ID' => $item['ID'],
			'ADM_ACCOUNT' => $item['LOGIN'], // AUTHORIZE_USER, ADM_ACCOUNT
			'ADM_NAME' => implode(" ", [ $item['P_NAME'], $item['P_NAME_SECOND'] ]), // ADM_NAME
			'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
			'ADM_COMPANY' => $item['BILLING_OWNER'], // ADM_COMPANY
			'ADM_ADMIN_LEVEL' => 5, // ADM_ADMIN_LEVEL // > 5 will show msg for Kandydat
			'ADM_PHONE' => "", // ADM_PHONE
			'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
			'ADM_ADMIN_DESC' => "", // ADM_ADMIN_DESC
			'EMPLOYEE_TYPE' => "Klient", // EMPLOYEE_TYPE // [ 'Pracownik','Kandydat','Partner','Anonymous','Kontakt','Skrypt' ]
		];
	}

	static function fetchUser($login) {
		$item = DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchFirst', [
			"
				select c.ID, c.user_mail_contact, c.P_PESEL
			--		, c.PASSWD
					, c.P_NAME, c.P_NAME_SECOND
					, c.BILLING_OWNER -- 1 BN, 3 NETDAY
					, c.is_firma
					, c.P_NIP
					, p.ID as ID_AUTH
					, p.LOGIN
					, p.PASSWD
					, p.REMIND_PASS_KEY
					, p.REMIND_PASS_VALID_TILL
				from COMPANIES c
					left join PANEL_KLIENTA_BN_AUTH p on ( p.ID_BILLING_USERS = c.ID and p.LOGIN = c.user_mail_contact )
				where c.user_mail_contact like :email
			",
			[
				':email' => $login,
			]
		]);
		if (!$item) throw new Exception("BŁĄD: Brak zarejestrowanego użytkownika o wprowadzonym adresie email.");

		if (!$item['ID_AUTH']) {
			$item['P_PESEL'] = trim(str_replace(' ', '', $item['P_PESEL']));
			$item['P_NIP'] = trim(str_replace([' ', '-'], '', $item['P_NIP']));
			$passwd = (!empty($item['P_PESEL'])) ? $item['P_PESEL'] : $item['P_NIP'];
			$hashPass = ($passwd) ? md5($passwd) : null;
			DB::getPDO()->insert('PANEL_KLIENTA_BN_AUTH', [
				'ID_BILLING_USERS' => $item['ID'],
				'LOGIN' => $item['user_mail_contact'],
				'PASSWD' => $hashPass,
				'A_RECORD_CREATE_DATE' => "NOW()",
			]);
			$item['ID_BILLING_USERS'] = $item['ID'];
			$item['LOGIN'] = $item['user_mail_contact'];
			$item['PASSWD'] = $hashPass;
		}

		return $item;
	}

	static function generateRemindKey($email) {
		$remindKey = substr(md5($email . "" . date("Y-m-d H:i:s")), 0, 16);
		$remindTill = date("Y-m-d", mktime(0,0,0, date("m"), date("d") + 2, date("Y")));
		$userInfo = self::fetchUser($email);
		DB::getPDO()->execSql("
			update PANEL_KLIENTA_BN_AUTH
			set REMIND_PASS_KEY = :remind_key
				, REMIND_PASS_VALID_TILL = :remind_till
				, A_RECORD_UPDATE_DATE = NOW()
			where ID_BILLING_USERS = :id_user
				and LOGIN = :login
		", [
			':id_user' => $userInfo['ID'],
			':login' => $userInfo['LOGIN'],
			':remind_key' => $remindKey,
			':remind_till' => $remindTill,
		]);
		return $remindKey;
	}

	static function setPasswd($email, $newPasswd, $remindKey) {
		if (empty($email)) throw new Exception("Missing login!");
		if (empty($newPasswd)) throw new Exception("Missing password!");
		if (empty($remindKey)) throw new Exception("Missing remindKey!");

		// TODO: validate password!
		if (strlen($newPasswd) < 8) throw new Exception("Hasło musi się składać z co najmniej 8 znaków");

		$userInfo = self::fetchUser($email);

		// DBG::nicePrint([
		// 	'c1' => empty($userInfo['REMIND_PASS_KEY']),
		// 	'c2' => $userInfo['REMIND_PASS_KEY'] !== $remindKey,
		// 	'c2.L' => $userInfo['REMIND_PASS_KEY'],
		// 	'c2.R' => $remindKey,
		// 	'c3' =>  date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL'],
		// 	'c3.L' => date("Y-m-d"),
		// 	'c3.R' => $userInfo['REMIND_PASS_VALID_TILL'],
		// 	'user' => $userInfo,
		// ], 'DBG');
		if (empty($userInfo['REMIND_PASS_KEY'])
			|| $userInfo['REMIND_PASS_KEY'] !== $remindKey
			|| date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL']
		) throw new Exception("Odnośnik do resetowania hasła wydaje się być niesprawny. Proszę użyć funkcji przypomnienia hasła.");

		DB::getPDO()->execSql("
			update PANEL_KLIENTA_BN_AUTH
			set REMIND_PASS_KEY = ''
				, REMIND_PASS_VALID_TILL = '0000-00-00'
				, PASSWD = :hash_passwd
				, A_RECORD_UPDATE_DATE = NOW()
			where ID_BILLING_USERS = :id_user
				and LOGIN = :login
		", [
			':id_user' => $userInfo['ID'],
			':login' => $userInfo['LOGIN'],
			':hash_passwd' => md5($newPasswd),
		]);
	}

	static function preparePanelBNAuthTables() {
		DB::getPDO()->execSql("
			CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH` (
				`ID` int(11) NOT NULL AUTO_INCREMENT,
				`ID_BILLING_USERS` int(11) NOT NULL,
				`LOGIN` varchar(255) NOT NULL DEFAULT '',
				`PASSWD` varchar(32) NOT NULL DEFAULT '',
				`REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT '',
				`REMIND_PASS_VALID_TILL` date NOT NULL DEFAULT '0000-00-00',
				`A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT '',
				`A_CLASSIFIED` varchar(64) NOT NULL DEFAULT '',
				`A_RECORD_CREATE_DATE` datetime NOT NULL,
				`A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
				`A_RECORD_UPDATE_DATE` datetime NOT NULL,
				`A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
				PRIMARY KEY (`ID`),
				UNIQUE KEY `COMPANY_LOGIN` (`LOGIN`, `ID_BILLING_USERS`)
			) ENGINE=MyISAM  DEFAULT CHARSET=latin2 ;
		");
		DB::getPDO()->execSql("
			CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH_HIST` (
				`ID` int(11) NOT NULL AUTO_INCREMENT,
				`ID_USERS2` int(11) NOT NULL,
				`ID_BILLING_USERS` varchar(11) NOT NULL DEFAULT 'N/S;',
				`LOGIN` varchar(255) NOT NULL DEFAULT 'N/S;',
				`PASSWD` varchar(32) NOT NULL DEFAULT 'N/S;',
				`REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT 'N/S;',
				`REMIND_PASS_VALID_TILL` varchar(10) NOT NULL DEFAULT 'N/S;',
				`A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT 'N/S;',
				`A_CLASSIFIED` varchar(64) NOT NULL DEFAULT 'N/S;',
				`A_RECORD_CREATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
				`A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
				`A_RECORD_UPDATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
				`A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
				PRIMARY KEY (`ID`),
				KEY `ID_USERS2` (`ID_USERS2`)
			) ENGINE=MyISAM  DEFAULT CHARSET=latin2 ;
		");
	}

}