<?php
declare(strict_types=1);

require_once __DIR__ . '/../modules/shared/auth/service.php';
require_once __DIR__ . '/../modules/shared/auth/ui/login.php';
require_once __DIR__ . '/../modules/shared/auth/ui/home.php';
require_once __DIR__ . '/../modules/erp/bestellungen/service.php';
require_once __DIR__ . '/../modules/erp/lager/service.php';

$env = expand_env_values(parse_env_file(__DIR__ . '/../.env'));
$pdo = connect_database($env);
auth_bootstrap_session();
auth_ensure_schema($pdo);

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    $csrfToken = (string) ($_POST['csrf_token'] ?? '');
    if (!auth_validate_csrf_token($csrfToken)) {
        render_auth_login_page([
            'identifier_value' => (string) ($_POST['identifier'] ?? ''),
            'errors' => [
                'identifier' => 'Ungültiges Sicherheits-Token. Bitte Seite neu laden.',
                'password' => null,
            ],
        ]);
        exit;
    }

    $loginResult = auth_login(
        $pdo,
        (string) ($_POST['identifier'] ?? ''),
        (string) ($_POST['password'] ?? '')
    );

    if (($loginResult['ok'] ?? false) === true) {
        header('Location: ' . auth_take_return_to());
        exit;
    }

    render_auth_login_page([
        'identifier_value' => (string) ($_POST['identifier'] ?? ''),
        'errors' => $loginResult['errors'] ?? [],
    ]);
    exit;
}

$currentUser = auth_current_user($pdo);
if ($currentUser !== null) {
    $otcProducts = get_otc_order_form_products($pdo);
    $bestellungenTable = get_sales_order_overview($pdo, [
        'search' => (string) ($_GET['bestellungen_search'] ?? ''),
        'sort_column' => (string) ($_GET['bestellungen_sort'] ?? 'order_date'),
        'sort_direction' => (string) ($_GET['bestellungen_dir'] ?? 'DESC'),
        'limit' => (int) ($_GET['bestellungen_limit'] ?? 20),
        'page_size' => 20,
    ]);
    if ((string) ($_GET['bestellungen_fragment'] ?? '') === '1') {
        echo auth_render_bestellungen_content($bestellungenTable);
        exit;
    }
    render_auth_home_page($currentUser, $otcProducts, $bestellungenTable);
    exit;
}

render_auth_login_page([
    'identifier_value' => '',
    'errors' => [
        'identifier' => null,
        'password' => null,
    ],
]);