<?php

namespace modules\users\views\auth;

use Users;
use modules\users\views\AuthForm;

/**
 * Auth > Forgot > Finish
 * @copyright Tamaranga
 */
class ForgotFinish extends AuthForm
{
    /** @var string */
    public $title = '';

    public function init()
    {
        parent::init();

        $this->setTemplate('auth/forgot.finish', 'users');
    }

    public function data()
    {
        $data = parent::data();

        if ($this->request->user()) {
            return Users::redirectToAccountSettings();
        }

        $data['social'] = $this->fromSocial();
        $data['code'] = $this->request->get('code', [TYPE_NOTAGS, 'limit' => 100]);
        $data['login_url'] = $this->loginUrl();

        return $data;
    }

    public function fromSocial()
    {
        return $this->request->get('social', TYPE_BOOL);
    }

    public function validate($data = [])
    {
        $data = $this->validateUsingRules($data, [
            'code' => [TYPE_NOTAGS, 'limit' => 100],
            'password' => [TYPE_NOTRIM],
        ]);

        $this->security->validatePassword($data['password']);

        if ($this->errors->no()) {
            $data = $this->validateBlocks($data);
        }

        return $data;
    }

    public function submit()
    {
        do {
            if ($this->request->user()) {
                $this->errors->reloadPage();
                break;
            }
            if (! $this->security->validateReferer()) {
                $this->errors->reloadPage();
                break;
            }

            $data = $this->validate();
            if ($this->errors->any()) {
                break;
            }

            # Get user account data by recovery code
            $user = Users::model()->userDataByFilter(
                [
                    'blocked'      => 0,
                    'activate_key' => $data['code'],
                    ['activate_expire > :expire', ':expire' => $this->db->now()],
                ],
                ['user_id', 'email', 'password', 'password_salt', 'activated']
            );
            # Не нашли, возможные причины:
            # 1) Истек срок действия ссылки восстановления / неверная ссылка восстановления
            # 2) Аккаунт заблокирован
            # 3) Запрещаем смену пароля администраторам
            if (empty($user) || Users::model()->userIsAdministrator($user['user_id'])) {
                $this->errors->set(_t('users', 'The password recovery link has expired or the link is invalid, <a href="[link_fogot]">retry</a>.', [
                    'link_fogot' => $this->forgotUrl(),
                ]));
                break;
            }
            $userID = $user['user_id'];

            # Update password & activate account (confirm email)
            Users::userActivate($userID, [
                'password' => $data['password'],
                'passwordSalt' => $user['password_salt'],
                'verifyEmail' => $this->emailOnly(),
                'verifyPhone' => $this->phoneOnly(), # todo: $this->phoneAndEmail()
                'registeredEvent' => empty($user['activated']),
            ]);

            # Link social account
            if ($this->fromSocial()) {
                Users::social()->authFinish($userID);
            }

            # Show success & redirect to login page
            $this->respond('success_message', _t('users', 'Your password has been changed successfully.'));
            $this->respond('redirect', $this->loginUrl());
        } while (false);

        return parent::submit();
    }
}