<?php
require_once 'includes/globals.php';
require_once 'vendor/autoload.php';

use DJMixHosting\Database;
use DJMixHosting\User;
use DJMixHosting\SessionManager;
use Aws\Ses\SesClient;
use Aws\Exception\AwsException;

// If the user is already logged in, redirect them
if (SessionManager::getUser()) {
    header("Location: profile.php");
    exit;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Gather form fields
    $username         = trim($_POST['username'] ?? '');
    $email            = trim($_POST['email'] ?? '');
    $password         = $_POST['password'] ?? '';
    $confirm_password = $_POST['confirm_password'] ?? '';
    $first_name       = trim($_POST['first_name'] ?? '');
    $last_name        = trim($_POST['last_name'] ?? '');

    // Basic validation
    $errors = [];
    if (empty($username) || empty($email) || empty($password) || empty($confirm_password) || empty($first_name) || empty($last_name)) {
        $errors[] = "All fields are required.";
    }
    if ($password !== $confirm_password) {
        $errors[] = "Passwords do not match.";
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors[] = "Invalid email format.";
    }
    if (!preg_match('/^[a-zA-Z0-9_]{3,25}$/', $username)) {
        $errors[] = "Invalid username format.";
    }

    if (!empty($errors)) {
        $_SESSION['error'] = implode(" ", $errors);
        header("Location: register.php");
        exit;
    }

    $db = new Database($config);
    $user = new User($db);

    try {
        // Delegate registration to the User class
        $user_id = $user->newUser($username, $password, $email, $first_name, $last_name);
    } catch (\Exception $e) {
        $_SESSION['error'] = $e->getMessage();
        header("Location: register.php");
        exit;
    }

    // Log the user in using SessionManager
    SessionManager::setUser([
        'id'       => $user_id,
        'username' => $username,
        'email'    => $email
    ]);

    // Trigger email verification: generate a verification code valid for 15 minutes
    $verification_code = bin2hex(random_bytes(16));
    $expires_at = date("Y-m-d H:i:s", strtotime("+15 minutes"));

    // Insert verification record (with purpose 'email_verification')
    $stmt = $db->prepare("REPLACE INTO email_verifications (user_id, email, verification_code, expires_at, purpose) VALUES (?, ?, ?, ?, 'email_verification')");
    $stmt->bind_param("isss", $user_id, $email, $verification_code, $expires_at);
    $stmt->execute();
    $stmt->close();

    // Send verification email via AWS SES
    $sesClient = new SesClient([
        'version'     => 'latest',
        'region'      => $config['aws']['ses']['region'],
        'credentials' => [
            'key'    => $config['aws']['ses']['access_key'],
            'secret' => $config['aws']['ses']['secret_key']
        ]
    ]);
    $sender_email    = $config['aws']['ses']['sender_email'];
    $recipient_email = $email;
    $subject         = "Verify Your Email Address";
    $verification_link = $config['app']['url'] . "/verify_email.php?code={$verification_code}";
    $body_text       = "Thank you for registering at " . $config['app']['name'] . ".\n\n";
    $body_text      .= "Please verify your email address by clicking the link below or by entering the verification code in your profile:\n\n";
    $body_text      .= "{$verification_link}\n\nYour verification code is: {$verification_code}\nThis code will expire in 15 minutes.";

    try {
        $sesClient->sendEmail([
            'Destination'       => ['ToAddresses' => [$recipient_email]],
            'ReplyToAddresses'  => [$sender_email],
            'Source'            => $sender_email,
            'Message'           => [
                'Body'    => [
                    'Text' => [
                        'Charset' => 'UTF-8',
                        'Data'    => $body_text,
                    ],
                ],
                'Subject' => [
                    'Charset' => 'UTF-8',
                    'Data'    => $subject,
                ],
            ],
        ]);
        $_SESSION['success'] = "Registration successful! A verification email has been sent to your email address.";
    } catch (AwsException $e) {
        $_SESSION['error'] = "Registration successful, but failed to send verification email: " . $e->getAwsErrorMessage();
    }

    header("Location: profile.php");
    exit;
}

require_once 'includes/header.php';
?>

<section class="register-section py-5">
    <div class="container">
        <div class="row justify-content-center">
            <div class="col-lg-6">
                <?php
                if (isset($_SESSION['error'])) {
                    echo '<div class="alert alert-danger alert-dismissible fade show mb-4" role="alert">'
                        . htmlspecialchars($_SESSION['error'])
                        . '<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button></div>';
                    unset($_SESSION['error']);
                }
                ?>
                <div class="card shadow-sm border-0">
                    <div class="card-body p-4">
                        <h3 class="text-center mb-4">Register</h3>
                        <form action="register.php" method="post" class="needs-validation" novalidate>
                            <div class="mb-3">
                                <label for="username" class="form-label">Username</label>
                                <input type="text" class="form-control" id="username" name="username" required>
                            </div>
                            <div class="mb-3">
                                <label for="email" class="form-label">Email</label>
                                <input type="email" class="form-control" id="email" name="email" required>
                            </div>
                            <div class="mb-3">
                                <label for="firstName" class="form-label">First Name</label>
                                <input type="text" class="form-control" id="firstName" name="first_name" required>
                            </div>
                            <div class="mb-3">
                                <label for="lastName" class="form-label">Last Name</label>
                                <input type="text" class="form-control" id="lastName" name="last_name" required>
                            </div>
                            <div class="mb-3">
                                <label for="password" class="form-label">Password</label>
                                <input type="password" class="form-control" id="password" name="password" required>
                            </div>
                            <div class="mb-3">
                                <label for="confirm_password" class="form-label">Confirm Password</label>
                                <input type="password" class="form-control" id="confirm_password" name="confirm_password" required>
                            </div>
                            <button type="submit" class="btn btn-primary w-100">Register</button>
                        </form>
                    </div>
                </div>
                <div class="text-center mt-4">
                    <p class="mb-0">Already have an account? <a href="login.php" class="text-decoration-none">Login</a></p>
                </div>
            </div>
        </div>
    </div>
</section>

<?php require_once 'includes/footer.php'; ?>