<?php

class UserManager {
	private $cookie_lifetime = 2678400;
	private $db;

	public  $userAccount;

	public function __construct (JSONDB $database) {
		$this->db = $database;

		if (!empty($_SESSION['username'])) {
			$this->userAccount = $this->get($_SESSION['username']);
		}
	}

	public function isLoggedIn () {
		return (!$this->userAccount) ? false : true;
	}

	public function checkLoggedIn () {
		if (!$this->isLoggedIn()) {
			header("Location: /login");
			exit();
		}
	}

	public function isAdmin () {
		if (!$this->userAccount) return false;
		return ($this->userAccount['id'] !== 1) ? false : true; 
	}

	public function getLoggedInAccount () {
		return $this->userAccount;
	}

	public function exists ($username) {
		return (!$this->get($username)) ? false : true;
	}

	public function checkLogin ($username, $password) {
		$userAccount = $this->get($username);
 
		if (!$userAccount || !password_verify($password, $userAccount['password'])) {
			throw new Exception('Account unknown or password wrong.');
		}

		if (!$userAccount['active']) {
			throw new Exception('This account is disabled.');
		}

		$_SESSION['username'] = $userAccount['username'];

		$this->userAccount = $userAccount;

		return true;
	}

	public function logout () {
		$this->userAccount = null;
		session_destroy();

		return true;
	}

	public function get ($username) {
		$result = $this->db->select('*')
			->from('users.json')
			->where(['username' => $username])
			->get();

		if (!isset($result[0])) return false;

		return $result[0];
	}

	public function getAll () {
		$result = $this->db->select('*')
			->from('users.json')
			->get();

		return $result;
	}

	public function getHighestUserId () {
		$data = $this->db->select('id')
			->from('users.json')
			->order_by('id', JSONDB::ASC)
			->get();
		
		return end($data)['id'];
	}

	public function updatePassword ($username, $password) {
		if (!$this->exists($username)) throw new Exception('User doesn\'t exist!');

		$this->db->update(['password' => password_hash($password, PASSWORD_DEFAULT)])
			->from('users.json')
			->where(['username' => $username])
			->trigger();
	}

	public function create ($username, $password, $active = true) {
		if ($this->exists($username)) throw new Exception('This username is already taken.');
//		if(!preg_match('/^[\w-]+$/', $username)) throw new Exception('URI contains not allowed characters.');

		$this->db->insert('users.json', [ 
				'id'       => $this->getHighestUserId()+1,
				'username' => $username,
				'password' => password_hash($password, PASSWORD_DEFAULT),
				'active'   => $active,
			]);
	}

	public function enable ($username) {
		if (!$this->exists($username)) throw new Exception('User doesn\'t exist!');

		$this->db->update(['active' => true])
			->from('users.json')
			->where(['username' => $username])
			->trigger();
	}

	public function disable ($username) {
		if (!$this->exists($username)) throw new Exception('User doesn\'t exist!');

		$this->db->update(['active' => false])
			->from('users.json')
			->where(['username' => $username])
			->trigger();
	}
	
	public function delete ($username) {
		if (!$this->exists($username)) throw new Exception('User doesn\'t exist!');

		$this->db->delete()
			->from('users.json')
			->where(['username' => $username])
			->trigger();
	}
}