<?php

namespace App\Controller;

use App\Core\Controller;
use App\Entity\LocalUser;
use App\Util\Exception\RedirectException;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Validator\Constraints\NotBlank;
use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;

class ResetPassword extends Controller
{
    use ResetPasswordControllerTrait;

    /**
     * Display & process form to request a password reset.
     */
    public function requestPasswordReset(Request $request)
    {
        $from = Form::create([
            ['email', EmailType::class,  ['label' => _m('Email'), 'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ]) ]]],
            ['password_reset_request', SubmitType::class, ['label' => _m('Submit request')]],
        ]);

        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            return EmailVerifier::processSendingPasswordResetEmail($form->get('email')->getData(), $this);
        }

        return [
            '_template'           => 'reset_password/request.html.twig',
            'password_reset_form' => $from->createView(),
        ];
    }

    /**
     * Confirmation page after a user has requested a password reset.
     */
    public function checkEmail()
    {
        // We prevent users from directly accessing this page
        if (null === ($resetToken = $this->getTokenObjectFromSession())) {
            throw new RedirectException('request_reset_password');
        }

        return [
            '_template'  => 'reset_password/check_email.html.twig',
            'resetToken' => $resetToken,
        ];
    }

    /**
     * Validates and process the reset URL that the user clicked in their email.
     */
    public function reset(Request $request, string $token = null)
    {
        if ($token) {
            // We store the token in session and remove it from the URL, to avoid the URL being
            // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
            $this->storeTokenInSession($token);
            throw new RedirectException('reset_password');
        }

        $token = $this->getTokenFromSession();
        if (null === $token) {
            throw new ClientException(_m('No reset password token found in the URL or in the session'));
        }

        try {
            $user = EmailVerifier::validateTokenAndFetchUser($token);
        } catch (ResetPasswordExceptionInterface $e) {
            $this->addFlash('reset_password_error', _m('There was a problem validating your reset request - {reason}', ['reason' => $e->getReason()]));
            throw new RedirectException('request_reset_password');
        }

        // The token is valid; allow the user to change their password.
        $form = From::create([
            FormFields::password(),
            ['password_reset', SubmitType::class, ['label' => _m('Change password')]],
        ]);

        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            // A password reset token should be used only once, remove it.
            EmailVerifier::removeResetRequest($token);

            $user->setPassword(LocalUser::hashPassword($form->get('password')->getData()));
            DB::flush();

            // The session is cleaned up after the password has been changed.
            $this->cleanSessionAfterReset();

            throw new RedirectException('main_all');
        }

        return [
            '_template' => 'reset_password/reset.html.twig',
            'resetForm' => $form->createView(),
        ];
    }
}