<?php

use App\Classes\BaseHandler;

require __DIR__ . '/../server/utils/init.php';
require __DIR__ . "/Classes/BaseHandler.php";

class QueryHandler extends BaseHandler
{
  public function __construct()
  {
    parent::__construct();
    $this->ensureAllowedOrigin();
  }

  protected function ensureAllowedOrigin(): void
  {
    $allowedHosts = ['coryd.dev', 'www.coryd.dev'];
    $origin = $_SERVER['HTTP_ORIGIN'] ?? '';
    $referer = $_SERVER['HTTP_REFERER'] ?? '';

    $hostAllowed = fn($url) => in_array(parse_url($url, PHP_URL_HOST), $allowedHosts, true);

    if (!$hostAllowed($origin) && !$hostAllowed($referer)) $this->sendErrorResponse("Forbidden — invalid origin", 403);

    $allowedSource = $origin ?: $referer;
    $scheme = parse_url($allowedSource, PHP_URL_SCHEME) ?? 'https';
    $host = parse_url($allowedSource, PHP_URL_HOST);

    header("Access-Control-Allow-Origin: {$scheme}://{$host}");
    header("Access-Control-Allow-Headers: Content-Type");
    header("Access-Control-Allow-Methods: GET, POST");
  }

  public function handleRequest(): void
  {
    $data = $_GET['data'] ?? null;
    $id = $_GET['id'] ?? null;
    $cacheDuration = intval($_GET['cacheDuration'] ?? 3600);

    if (!$data) $this->sendErrorResponse("Missing 'data' parameter", 400);

    $cacheKey = $this->buildCacheKey($data, $id);

    if ($this->cache) {
      $cached = $this->cache->get($cacheKey);
      if ($cached) {
        header('Content-Type: application/json');
        echo $cached;
        exit();
      }
    }

    $query = $id ? "id=eq.$id" : "";

    try {
      $response = $this->fetchFromApi($data, $query);
      $markdownFields = $this->getMarkdownFieldsFromQuery();

      if (!empty($response) && !empty($markdownFields)) $response = $this->parseMarkdownFields($response, $markdownFields);

      $json = json_encode($response);

      if ($this->cache) $this->cache->setex($cacheKey, $cacheDuration, $json);

      header('Content-Type: application/json');
      echo $json;
    } catch (\Exception $e) {
      $this->sendErrorResponse("PostgREST fetch failed: " . $e->getMessage(), 500);
    }
  }

  private function buildCacheKey(string $data, ?string $id): string
  {
    return "proxy_{$data}" . ($id ? "_{$id}" : "");
  }

  private function getMarkdownFieldsFromQuery(): array {
    $fields = $_GET['markdown'] ?? [];

    if (!is_array($fields)) $fields = explode(',', $fields);

    return array_map('trim', array_filter($fields));
  }

  private function parseMarkdownFields(array $data, array $fields): array {
    foreach ($data as &$item) {
      foreach ($fields as $field) {
        if (!empty($item[$field])) $item["{$field}_html"] = parseMarkdown($item[$field]);
      }
    }

    return $data;
  }
}

$handler = new QueryHandler();
$handler->handleRequest();