<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
use Illuminate\Auth\Events\Verified;

class EmailVerificationCodeController extends Controller
{
    /**
     * Handle email verification via short code.
     */
    public function __invoke(Request $request)
    {
        $request->validate([
            'code' => ['required','string','regex:/^\d{6}$/'],
        ]);

        $user = $request->user();
        if (!$user) {
            return redirect()->route('login');
        }

        if ($user->hasVerifiedEmail()) {
            return redirect()->route('dashboard')->with('status', 'Email already verified.');
        }

        $cacheKey = 'email_verify_code:'.$user->getKey();
        $expected = Cache::get($cacheKey);

        // Normalize submitted code to digits-only string
        $submitted = (string) $request->input('code', '');
        $submitted = preg_replace('/\D+/', '', $submitted ?? '');

        if (!$expected || $expected !== $submitted) {
            return back()->withErrors(['code' => 'Invalid or expired verification code.']);
        }

        // Mark as verified and clear the code
        if ($user->markEmailAsVerified()) {
            event(new Verified($user));
        }
        Cache::forget($cacheKey);

        return redirect()->route('dashboard')->with('status', 'Email verified successfully.');
    }
}