<?php
// ============================================================
// index.php - Entry Point & Router Utama
// ============================================================

declare(strict_types=1);
error_reporting(E_ALL);
ini_set('display_errors', '0');  // Jangan tampilkan error di production!
ini_set('log_errors', '1');

// Load konfigurasi & class
require_once __DIR__ . '/config/config.php';
require_once __DIR__ . '/config/Database.php';
require_once __DIR__ . '/middleware/Security.php';
require_once __DIR__ . '/controllers/AuthController.php';
require_once __DIR__ . '/controllers/StorageController.php';
require_once __DIR__ . '/controllers/ChatController.php';

// Handle CORS & set header JSON
Security::handleCORS();

// Ambil method & path
$method = $_SERVER['REQUEST_METHOD'];
$path   = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$path   = rtrim($path, '/');

// Logging setiap request
$startTime = microtime(true);
register_shutdown_function(function () use ($startTime, $path, $method) {
    $responseTime = (int)((microtime(true) - $startTime) * 1000);
    $statusCode   = http_response_code();
    try {
        $db = Database::getConnection();
        $db->prepare("
            INSERT INTO request_logs (ip_address, method, endpoint, status_code, response_time_ms, user_agent)
            VALUES (?, ?, ?, ?, ?, ?)
        ")->execute([
            Security::getClientIP(),
            $method,
            $path,
            $statusCode,
            $responseTime,
            substr($_SERVER['HTTP_USER_AGENT'] ?? '', 0, 500),
        ]);
    } catch (Throwable) {}
});

// ─────────────────────────────────────────────────────────────
// ROUTING TABLE
// ─────────────────────────────────────────────────────────────

// ── ROOT ──────────────────────────────────────────────────────
if ($path === '' || $path === '/') {
    Security::respond([
        'name'    => 'API System',
        'version' => '1.0.0',
        'docs'    => 'https://yourdomain.com/docs',
        'endpoints' => [
            'auth'    => '/auth/*',
            'storage' => '/storage/*',
            'chat'    => '/chat/*',
        ],
    ], 200, 'Selamat datang di API System!');
}

// ─────────────────────────────────────────────────────────────
// AUTH ROUTES
// ─────────────────────────────────────────────────────────────

// POST /auth/register
if ($method === 'POST' && $path === '/auth/register') {
    AuthController::register();
}

// GET /auth/verify
if ($method === 'GET' && $path === '/auth/verify') {
    AuthController::verifyEmail();
}

// POST /auth/login
if ($method === 'POST' && $path === '/auth/login') {
    AuthController::login();
}

// POST /auth/api-keys  — buat API key baru
if ($method === 'POST' && $path === '/auth/api-keys') {
    AuthController::createApiKey();
}

// GET /auth/api-keys  — daftar API key milik user
if ($method === 'GET' && $path === '/auth/api-keys') {
    AuthController::listApiKeys();
}

// DELETE /auth/api-keys/{id}  — cabut API key
if ($method === 'DELETE' && preg_match('#^/auth/api-keys/(\d+)$#', $path, $m)) {
    AuthController::revokeApiKey((int)$m[1]);
}

// ─────────────────────────────────────────────────────────────
// STORAGE ROUTES
// ─────────────────────────────────────────────────────────────

// POST /storage/upload
if ($method === 'POST' && $path === '/storage/upload') {
    StorageController::upload();
}

// GET /storage/files
if ($method === 'GET' && $path === '/storage/files') {
    StorageController::listFiles();
}

// GET /storage/stats
if ($method === 'GET' && $path === '/storage/stats') {
    StorageController::stats();
}

// GET /storage/files/{uuid}
if ($method === 'GET' && preg_match('#^/storage/files/([a-f0-9\-]{36})$#', $path, $m)) {
    StorageController::getFile($m[1]);
}

// DELETE /storage/files/{uuid}
if ($method === 'DELETE' && preg_match('#^/storage/files/([a-f0-9\-]{36})$#', $path, $m)) {
    StorageController::deleteFile($m[1]);
}

// ─────────────────────────────────────────────────────────────
// CHAT ROUTES
// ─────────────────────────────────────────────────────────────

// POST /chat/rooms  — buat room baru
if ($method === 'POST' && $path === '/chat/rooms') {
    ChatController::createRoom();
}

// GET /chat/rooms  — daftar room user
if ($method === 'GET' && $path === '/chat/rooms') {
    ChatController::listRooms();
}

// POST /chat/rooms/{uuid}/messages  — kirim pesan
if ($method === 'POST' && preg_match('#^/chat/rooms/([a-f0-9\-]{36})/messages$#', $path, $m)) {
    ChatController::sendMessage($m[1]);
}

// GET /chat/rooms/{uuid}/messages  — ambil pesan
if ($method === 'GET' && preg_match('#^/chat/rooms/([a-f0-9\-]{36})/messages$#', $path, $m)) {
    ChatController::getMessages($m[1]);
}

// DELETE /chat/messages/{uuid}  — hapus pesan (soft delete)
if ($method === 'DELETE' && preg_match('#^/chat/messages/([a-f0-9\-]{36})$#', $path, $m)) {
    ChatController::deleteMessage($m[1]);
}

// GET /chat/rooms/{uuid}/members  — daftar anggota
if ($method === 'GET' && preg_match('#^/chat/rooms/([a-f0-9\-]{36})/members$#', $path, $m)) {
    ChatController::getMembers($m[1]);
}

// ─────────────────────────────────────────────────────────────
// 404 FALLBACK
// ─────────────────────────────────────────────────────────────
Security::abort(404, "Endpoint '$method $path' tidak ditemukan.");