<?php

declare(strict_types=1);

namespace Silex\Security;

use Silex\Gateway\UserGateway;
use Silex\Model\User;


class Security
{
    const tokenSession = 'tokenSession';
    private array $session;
    private UserGateway $userGateway;
    private ?User $user = null;

    public function __construct(UserGateway $userGateway, array &$session)
    {
        $this->userGateway = $userGateway;
        $this->session = &$session;
    }

    public function initLogin(string $login, string $rawPassword): bool
    {
        $user = $this->userGateway->getByLogin($login);
        if ($user === null || !password_verify($rawPassword, $user->getPasswordHash())) {
            return false;
        }
        $this->session[tokenSession] = $user->getId();
        $this->user = $user;
        return true;
    }

    public function logout(): bool
    {
        
        if(session_unset()){
            return true;
        }
        $this->user = null;
        session_unset();
        session_destroy();
        $_SESSION['role'] = "";
        $_SESSION=array();
        unset($this->session[tokenSession]);
        return true;
    }

    public function getCurrentUser(): ?User
    {
        if (!empty($this->session[tokenSession]) && $this->user === null) {
            $this->user = $this->userGateway->getById($this->session[tokenSession]);
        }
        return $this->user;
    }
}