// public/dashboard/js/auth.js
// Handles login flow and auth helpers (JWT in localStorage)

import { apiLogin } from './api.js';

const TOKEN_KEY = 'token';
const USER_KEY = 'user';

export const Auth = {
  isAuthenticated() {
    return !!localStorage.getItem(TOKEN_KEY);
  },

  saveToken(token) {
    localStorage.setItem(TOKEN_KEY, token);
  },

  saveUser(user) {
    localStorage.setItem(USER_KEY, JSON.stringify(user || {}));
  },

  logout() {
    console.log('[Auth] Logout called');
    localStorage.removeItem(TOKEN_KEY);
    localStorage.removeItem(USER_KEY);
    sessionStorage.removeItem('auth_redirect_done');
    
    // Deteksi path yang benar untuk redirect
    const currentPath = window.location.pathname;
    let loginPath = '../index.html';
    
    // Jika di dashboard/, gunakan ../index.html
    // Jika di root, gunakan index.html
    if (currentPath.includes('/dashboard/')) {
      loginPath = '../index.html';
    } else if (currentPath.endsWith('/') || currentPath === '/') {
      loginPath = 'index.html';
    } else {
      // Fallback: coba detect dari current path
      const pathParts = currentPath.split('/').filter(p => p);
      if (pathParts.length > 0 && pathParts[pathParts.length - 1].includes('dashboard')) {
        loginPath = '../index.html';
      } else {
        loginPath = 'index.html';
      }
    }
    
    console.log('[Auth] Redirecting to:', loginPath, 'from:', currentPath);
    window.location.href = loginPath;
  }
};

async function handleLoginSubmit(event) {
  event.preventDefault();

  const form = event.currentTarget;
  const usernameInput = form.querySelector('#username');
  const passwordInput = form.querySelector('#password');
  const errorBox = document.getElementById('login-error');
  const submitBtn = form.querySelector('button[type="submit"]');

  if (errorBox) {
    errorBox.classList.remove('visible');
    errorBox.textContent = '';
  }

  submitBtn.disabled = true;
  submitBtn.textContent = 'Masuk...';

  try {
    const username = usernameInput.value.trim();
    const password = passwordInput.value;

    const data = await apiLogin(username, password);
    const token = data.token;
    const user = data.user;

    if (!token) {
      throw new Error('Token tidak ditemukan dalam response login.');
    }

    Auth.saveToken(token);
    Auth.saveUser(user);

    window.location.href = 'dashboard.html';
  } catch (err) {
    console.error('Login failed', err);
    if (errorBox) {
      errorBox.textContent = err.message || 'Login gagal. Silakan coba lagi.';
      errorBox.classList.add('visible');
    }
  } finally {
    submitBtn.disabled = false;
    submitBtn.textContent = 'Login';
  }
}

// Attach events on login page only
// Hapus auto-redirect untuk mencegah redirect loop
// Redirect hanya setelah login berhasil (di handleLoginSubmit)
document.addEventListener('DOMContentLoaded', () => {
  const form = document.getElementById('login-form');
  if (form) {
    form.addEventListener('submit', handleLoginSubmit);
  }
});