<?php

namespace App\Filters;

use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;

class AuthFilter implements FilterInterface
{
    public function before(RequestInterface $request, $arguments = null)
    {
        // Check if user is logged in
        if (!session()->get('is_logged_in')) {
            return redirect()->to('/auth/login');
        }

        // Check if user role is admin or editor
        $userRole = session()->get('role');
        if (!in_array($userRole, ['admin', 'editor'])) {
            session()->destroy();
            return redirect()->to('/auth/login')->with('error', 'Anda tidak memiliki akses ke sistem ini.');
        }

        // If role arguments are provided, check user role
        if ($arguments !== null && !empty($arguments)) {
            if (!in_array($userRole, $arguments)) {
                return redirect()->to('/admin')->with('error', 'Anda tidak memiliki akses ke halaman ini.');
            }
        }

        return $request;
    }

    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
    {
        // Do nothing
    }
}