<?php
// Partner Session Management
require_once __DIR__ . '/partner-config.php';

class PartnerSessionManager {
    private $pdo;
    
    public function __construct() {
        $this->pdo = getPartnerDBConnection();
        
        // Start session if not already started
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
        
        // Check for remember me token if partner is not logged in
        if (!$this->isLoggedIn() && isset($_COOKIE['partner_remember_token'])) {
            $this->checkRememberToken($_COOKIE['partner_remember_token']);
        }
    }
    
    public function isLoggedIn() {
        return isset($_SESSION['partner_logged_in']) && 
               $_SESSION['partner_logged_in'] === true && 
               isset($_SESSION['partner_id']) && 
               !empty($_SESSION['partner_id']);
    }
    
    public function getCurrentPartner() {
        if (!$this->isLoggedIn()) {
            return null;
        }
        
        try {
            $stmt = $this->pdo->prepare("
                SELECT id, affiliate_code, type, company_name, incharge_name, 
                       state, postal_code, place_name, mobile, email, url,
                       signup_reward, total_commission_earned, total_commission_redeemed, 
                       commission_balance, status, account_status, last_login, login_count,
                       total_signups, total_verified_signups, created_at
                FROM affiliates 
                WHERE id = ? AND account_status = 'active'
            ");
            $stmt->execute([$_SESSION['partner_id']]);
            return $stmt->fetch();
        } catch (Exception $e) {
            logPartnerActivity('Error fetching current partner', [
                'error' => $e->getMessage(),
                'partner_id' => $_SESSION['partner_id']
            ]);
            return null;
        }
    }
    
    public function requireLogin() {
        if (!$this->isLoggedIn()) {
            $this->redirectToLogin();
        }
        
        // Check if partner still exists and is active
        $partner = $this->getCurrentPartner();
        if (!$partner) {
            $this->logout();
            $this->redirectToLogin('Your session has expired. Please log in again.');
        }
    }
    
    public function logout() {
        // Delete remember me token if exists
        if (isset($_COOKIE['partner_remember_token'])) {
            try {
                $stmt = $this->pdo->prepare("DELETE FROM partner_sessions WHERE session_token = ?");
                $stmt->execute([$_COOKIE['partner_remember_token']]);
            } catch (Exception $e) {
                logPartnerActivity('Error deleting partner remember token', ['error' => $e->getMessage()]);
            }
            setcookie('partner_remember_token', '', time() - 3600, '/', '', true, true);
        }
        
        // Clear session
        session_unset();
        session_destroy();
        
        // Start new session for messages
        session_start();
    }
    
    public function redirectToLogin($message = '') {
        if (!empty($message)) {
            $_SESSION['partner_login_message'] = $message;
        }
        header('Location: /partners/partner-login.php');
        exit;
    }
    
    public function login($email, $password, $rememberMe = false) {
        try {
            // Find partner by email
            $stmt = $this->pdo->prepare("
                SELECT id, email, password_hash, company_name, is_password_set, account_status
                FROM affiliates 
                WHERE email = ? AND account_status IN ('active', 'pending')
            ");
            $stmt->execute([$email]);
            $partner = $stmt->fetch();
            
            if (!$partner) {
                return ['success' => false, 'message' => 'Invalid email or password.'];
            }
            
            // Check if password is set
            if (!$partner['is_password_set'] || empty($partner['password_hash'])) {
                return ['success' => false, 'message' => 'Please set your password first using the link sent to your email.'];
            }
            
            // Verify password
            if (!password_verify($password, $partner['password_hash'])) {
                return ['success' => false, 'message' => 'Invalid email or password.'];
            }
            
            // Check account status
            if ($partner['account_status'] !== 'active') {
                return ['success' => false, 'message' => 'Your account is not active. Please contact support.'];
            }
            
            // Create session
            session_regenerate_id(true);
            $_SESSION['partner_logged_in'] = true;
            $_SESSION['partner_id'] = $partner['id'];
            $_SESSION['partner_email'] = $partner['email'];
            $_SESSION['partner_company'] = $partner['company_name'];
            $_SESSION['partner_login_time'] = time();
            
            // Update last login
            $stmt = $this->pdo->prepare("
                UPDATE affiliates 
                SET last_login = NOW(), login_count = login_count + 1 
                WHERE id = ?
            ");
            $stmt->execute([$partner['id']]);
            
            // Handle remember me
            if ($rememberMe) {
                $token = generatePartnerToken();
                $expires = date('Y-m-d H:i:s', strtotime('+30 days'));
                
                $stmt = $this->pdo->prepare("
                    INSERT INTO partner_sessions (affiliate_id, session_token, expires_at) 
                    VALUES (?, ?, ?)
                ");
                $stmt->execute([$partner['id'], $token, $expires]);
                
                setcookie('partner_remember_token', $token, strtotime('+30 days'), '/', '', true, true);
            }
            
            logPartnerActivity('Partner login successful', [
                'partner_id' => $partner['id'],
                'email' => $partner['email']
            ]);
            
            return ['success' => true];
            
        } catch (Exception $e) {
            logPartnerActivity('Partner login error', ['email' => $email, 'error' => $e->getMessage()]);
            return ['success' => false, 'message' => 'An error occurred. Please try again.'];
        }
    }
    
    private function checkRememberToken($token) {
        try {
            // Find valid session
            $stmt = $this->pdo->prepare("
                SELECT ps.affiliate_id, a.email, a.company_name
                FROM partner_sessions ps
                JOIN affiliates a ON ps.affiliate_id = a.id
                WHERE ps.session_token = ? AND ps.expires_at > NOW() AND a.account_status = 'active'
            ");
            $stmt->execute([$token]);
            $session = $stmt->fetch();
            
            if ($session) {
                // Restore session
                $_SESSION['partner_logged_in'] = true;
                $_SESSION['partner_id'] = $session['affiliate_id'];
                $_SESSION['partner_email'] = $session['email'];
                $_SESSION['partner_company'] = $session['company_name'];
                $_SESSION['partner_login_time'] = time();
                
                // Update last login
                $stmt = $this->pdo->prepare("UPDATE affiliates SET last_login = NOW() WHERE id = ?");
                $stmt->execute([$session['affiliate_id']]);
                
                logPartnerActivity('Partner auto-logged in via remember token', [
                    'partner_id' => $session['affiliate_id'],
                    'email' => $session['email']
                ]);
            } else {
                // Invalid or expired token - delete it
                setcookie('partner_remember_token', '', time() - 3600, '/', '', true, true);
            }
        } catch (Exception $e) {
            logPartnerActivity('Error checking partner remember token', ['error' => $e->getMessage()]);
        }
    }
    
    public function updateLastActivity() {
        if ($this->isLoggedIn()) {
            $_SESSION['partner_last_activity'] = time();
        }
    }
    
    public function checkSessionTimeout() {
        if ($this->isLoggedIn() && isset($_SESSION['partner_last_activity'])) {
            if (time() - $_SESSION['partner_last_activity'] > PARTNER_SESSION_TIMEOUT) {
                $this->logout();
                $this->redirectToLogin('Your session has expired due to inactivity.');
            }
        }
        $this->updateLastActivity();
    }
}

// Global function to get partner session manager instance
function getPartnerSessionManager() {
    static $instance = null;
    if ($instance === null) {
        $instance = new PartnerSessionManager();
    }
    return $instance;
}

// Convenience functions
function requirePartnerLogin() {
    getPartnerSessionManager()->requireLogin();
}

function getCurrentPartner() {
    return getPartnerSessionManager()->getCurrentPartner();
}

function isPartnerLoggedIn() {
    return getPartnerSessionManager()->isLoggedIn();
}

function partnerLogout() {
    getPartnerSessionManager()->logout();
}
?>