<?php

use App\Enumerators\SessionElement;
use App\Wrappers\CAPTCHAWrapper;
use App\Wrappers\DatabaseInteractions;
use App\Wrappers\SQLQueryBuilderWrapper;

require_once __DIR__ . "/../../vendor/autoload.php";


$captchaResponse = $_POST['g-recaptcha-response'];
CAPTCHAWrapper::HandleCaptchaResponse($captchaResponse);


$username = $_POST['Username'];
$password = $_POST['Password'];


$sha512Hash = hash(algo: 'sha512', data: $password, binary: false);
$hashedPassword = password_hash(password: $sha512Hash, algo: PASSWORD_BCRYPT);

$db = new DatabaseInteractions();

$result = $db->RunSelect(
    queryBuilder: SQLQueryBuilderWrapper::SELECT(
        table: 'Users'
    )
        ->where(cond: 'T.Username LIKE :__username__')
        ->bindValue(name: '__username__', value: $username)
        ->limit(limit: 1)
);

if(sizeof($result) != 1)
{
    echo "invalid user";
    die();
}

$result = $result[0];

if (!password_verify($sha512Hash, $result['PasswordHash']))
{
    echo "invalid password";
    die();
}

if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

$_SESSION[SessionElement::IS_LOGGED_IN->value] = true;
$_SESSION[SessionElement::USER_ID->value] = $result['ID'];
$_SESSION[SessionElement::USERNAME->value] = $result['Username'];

header("Location: /profile");
die();