<?php

require_once __DIR__.'/../bootstrap.php';

use App\Classes\BaseHandler;

class QueryHandler extends BaseHandler
{
    public function __construct()
    {
        parent::__construct();
        $this->ensureAllowedOrigin();
    }

    protected function ensureAllowedOrigin(): void
    {
        $allowedHosts = ['coryd.dev', 'www.coryd.dev', 'localhost'];
        $origin = $_SERVER['HTTP_ORIGIN'] ?? '';
        $referer = $_SERVER['HTTP_REFERER'] ?? '';
        $hostAllowed = fn ($url) => in_array(parse_url($url, PHP_URL_HOST), $allowedHosts, true);

        if (! $hostAllowed($origin) && ! $hostAllowed($referer)) {
            $this->sendErrorResponse('Forbidden: invalid origin', 403);
        }

        $allowedSource = $origin ?: $referer;
        $scheme = parse_url($allowedSource, PHP_URL_SCHEME) ?? 'https';
        $host = parse_url($allowedSource, PHP_URL_HOST);

        header("Access-Control-Allow-Origin: {$scheme}://{$host}");
        header('Access-Control-Allow-Headers: Content-Type');
        header('Access-Control-Allow-Methods: GET, POST');
    }

    public function handleRequest(): void
    {
        $data = $_GET['data'] ?? null;
        $id = $_GET['id'] ?? null;
        $cacheDuration = intval($_GET['cacheDuration'] ?? 3600);

        if (! $data) {
            $this->sendErrorResponse("Missing 'data' parameter", 400);
        }

        $cacheKey = $this->buildCacheKey($data, $id);

        if ($this->cache) {
            $cached = $this->cache->get($cacheKey);

            if ($cached) {
                header('Content-Type: application/json');
                echo $cached;
                exit();
            }
        }

        $query = $id ? "id=eq.$id" : '';

        try {
            $response = $this->fetchFromApi($data, $query);
            $markdownFields = $this->getMarkdownFieldsFromQuery();

            if (! empty($response) && ! empty($markdownFields)) {
                $response = $this->parseMarkdownFields($response, $markdownFields);
            }

            $json = json_encode($response);

            if ($this->cache) {
                $this->cache->setex($cacheKey, $cacheDuration, $json);
            }

            header('Content-Type: application/json');
            echo $json;
        } catch (\Exception $e) {
            $this->sendErrorResponse('PostgREST fetch failed: '.$e->getMessage(), 500);
        }
    }

    private function buildCacheKey(string $data, ?string $id): string
    {
        return "proxy_{$data}".($id ? "_{$id}" : '');
    }

    private function getMarkdownFieldsFromQuery(): array
    {
        $fields = $_GET['markdown'] ?? [];

        if (! is_array($fields)) {
            $fields = explode(',', $fields);
        }

        return array_map('trim', array_filter($fields));
    }

    private function parseMarkdownFields(array $data, array $fields): array
    {
        foreach ($data as &$item) {
            foreach ($fields as $field) {
                if (! empty($item[$field])) {
                    $item["{$field}_html"] = parseMarkdown($item[$field]);
                }
            }
        }

        return $data;
    }
}

$handler = new QueryHandler();
$handler->handleRequest();