<?php

namespace App\Controllers;

class Auth extends BaseController {
    public function login() {
        if ($this->request->getMethod() === 'GET') { 
            return view('login');
        } else if ($this->request->getMethod() === 'POST') {
            helper(['form', 'url']);
            $session = session();
            $db = \Config\Database::connect();

            $userid = strtoupper(trim($this->request->getPost('userid')));
            $password = $this->request->getPost('password');

            // Gunakan raw SQL sesuai kolom di tabel kamu
            $query = $db->query("SELECT * FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]);
            $user = $query->getRowArray();

            if ($user && !empty($user['PASSWORD']) && password_verify($password, $user['PASSWORD'])) {
                // Simpan session
                $session->set([
                    'isLoggedIn' => true,
                    'userid'     => (string) $user['USERID'],
                    'userlevel'  => (int) $user['USERLEVEL'],
                ]);

                // Redirect sesuai level dari data didatabase
                switch ((int)$user['USERLEVEL']) {
                    case 1: return redirect()->to('/admin');
                    case 2: return redirect()->to('/doctor');
                    case 3: return redirect()->to('/analyst');
                    case 4: return redirect()->to('/cs');
                    default: return redirect()->to('/login');
                }
            } else {
                $session->setFlashdata('error', 'USERID atau PASSWORD salah.');
                return redirect()->back();
            }

        }
        
    }

    public function logout() {
        session()->destroy();
        return redirect()->to('/login');
    }
}