<?php

namespace App\Http\Controllers;

use App\Laravue\Models\User;
use App\Order;
use App\OwnerReward;
use App\Payment;
use App\Product;
use App\Services\PayjpThreeDSecureService;
use App\UserCard;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Payjp\Charge;
use Payjp\Payjp;

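class OrderPaymentController extends Controller
{
    /**
     * Configure the PAY.JP SDK with the secret key read from config('payjp.secret_key').
     */
    public function __construct()
    {
        Payjp::setApiKey(config('payjp.secret_key'));
    }

    /**
     * Show payment form for order
     *
     * The payment token in the URL is the only credential checked here: whoever
     * holds the link can open the form for that order.
     *
     * @param mixed $token Payment-link token taken from the route.
     */
    public function showPaymentForm($token)
    {
        $order = $this->findUnpaidOrder($token);

        if (!$order) {
            return view('payment.error')->with('message', 'お支払いリンクが無効または期限切れです。');
        }

        if ($this->paymentLinkExpired($order)) {
            return view('payment.error')->with('message', 'お支払いリンクの有効期限が切れています。お手数ですが、再度お支払いリンクの発行をご依頼ください。');
        }

        return view('payment.credit_card', compact('order'));
    }

    /**
     * Process credit card payment
     *
     * Registers the submitted card with PAY.JP, opens a 3-D Secure request for it and
     * stores an inactive UserCard row. No charge is made here; the JSON response always
     * carries status "pending_3ds" on the success path.
     *
     * NOTE(review): the raw card number and CVC are posted to this server and forwarded
     * to PAY.JP with the 'payjp_direct_token_generate' option, so this endpoint handles
     * cardholder data directly. Confirm that this is intended and that no request
     * logging, error reporting or debugging middleware captures these fields.
     *
     * NOTE(review): route middleware is not visible in this file. Every call creates a
     * PAY.JP token and card, so confirm the route is throttled.
     *
     * @param mixed $token Payment-link token taken from the route.
     */
    public function processPayment(Request $request, $token, PayjpThreeDSecureService $threeDSecure)
    {
        $order = $this->findUnpaidOrder($token);

        if (!$order) {
            return response()->json(['error' => 'お支払いリンクが無効です。'], 400);
        }

        if ($this->paymentLinkExpired($order)) {
            return response()->json(['error' => 'お支払いリンクの有効期限が切れています。お手数ですが、再度お支払いリンクの発行をご依頼ください。'], 400);
        }

        try {
            $user = User::find($order->user_id);
            if (!$user) {
                return response()->json(['error' => 'ユーザー情報が見つかりません。'], 400);
            }

            // Reject malformed card fields before calling PAY.JP. Without this, a
            // card_exp lacking "/" is only caught by the generic handler below and
            // reported as a server error (500) instead of a client error.
            $cardInput = $this->parseCardInput($request);
            if ($cardInput === null) {
                return response()->json(['error' => 'カード情報の登録に失敗しました。入力内容をご確認ください。'], 400);
            }

            // Create a PAY.JP token from the card details (same approach as the regular order flow).
            $tokenResponse = \Payjp\Token::create([
                'card' => [
                    'number'    => $cardInput['number'],
                    'exp_month' => $cardInput['exp_month'],
                    'exp_year'  => $cardInput['exp_year'],
                    'cvc'       => $cardInput['cvc'],
                    'name'      => $request->card_name ?? '',
                ]
            ], [
                'payjp_direct_token_generate' => 'true'
            ]);
            $payjpToken = $tokenResponse->id;

            // Attach the card to the user's PAY.JP customer.
            $card = null;
            if ($user->payjp_customer_id) {
                try {
                    $customer = \Payjp\Customer::retrieve($user->payjp_customer_id);
                    $card = $customer->cards->create(['card' => $payjpToken]);
                } catch (\Exception $e) {
                    // Create a new customer when the existing one is missing or deleted on the PAY.JP side.
                    // NOTE(review): this catches every exception, so a rejected card or a
                    // transient API error also replaces payjp_customer_id with a new
                    // customer. Consider narrowing the catch to the "not found" case.
                    $customer = \Payjp\Customer::create([
                        'email' => $user->email,
                        'card'  => $payjpToken,
                    ]);
                    $user->update(['payjp_customer_id' => $customer->id]);
                }
            } else {
                $customer = \Payjp\Customer::create([
                    'email' => $user->email,
                    'card'  => $payjpToken,
                ]);
                $user->update(['payjp_customer_id' => $customer->id]);
            }

            // A freshly created customer has no $card object, so use its default card instead.
            $payjpCardId = $card?->id ?? $customer->default_card;
            $payjpCard = $customer->cards->retrieve($payjpCardId);
            $threeDSecureRequest = $threeDSecure->createRequest($payjpCardId);

            // Only PAY.JP-returned metadata is stored; card_number and card_cvc are kept null.
            // The card stays inactive until completeThreeDSecure() confirms the 3-D Secure result.
            $userCard = UserCard::create([
                'user_id' => $user->id,
                'payjp_card_id' => $payjpCardId,
                'payjp_three_d_secure_request_id' => $threeDSecureRequest['id'] ?? null,
                'payjp_three_d_secure_status' => $threeDSecureRequest['three_d_secure_status'] ?? 'unverified',
                'card_number' => null,
                'card_exp_month' => str_pad($payjpCard->exp_month, 2, '0', STR_PAD_LEFT),
                'card_exp_year' => substr($payjpCard->exp_year, -2),
                'card_cvc' => null,
                'card_last_four' => $payjpCard->last4,
                'card_name' => $payjpCard->name ?? ($request->card_name ?? ''),
                'card_brand' => $payjpCard->brand ?? 'Credit Card',
                'card_brand_logo' => strtolower(str_replace(' ', '_', $payjpCard->brand ?? 'Credit Card')) . '.png',
                'is_activated' => 0,
                'created_at' => now(),
                'updated_at' => now(),
            ]);

            Log::info("OrderPaymentController: 3Dセキュア認証待ち order_id={$order->id}, user_id={$user->id}, card_id={$userCard->id}");

            return response()->json([
                'success' => false,
                'status' => 'pending_3ds',
                'card_id' => $userCard->id,
                'three_d_secure_request_id' => $threeDSecureRequest['id'] ?? null,
                'payjp_public_key' => config('payjp.public_key'),
            ]);

        } catch (\Exception $e) {
            // NOTE(review): confirm the SDK's exception messages never echo card fields
            // before relying on this log line in production.
            Log::error("OrderPaymentController: カード登録失敗 order_id={$order->id}, error={$e->getMessage()}");
            return response()->json(['error' => 'カード情報の登録に失敗しました。入力内容をご確認ください。'], 500);
        }
    }

    /**
     * Confirm the 3-D Secure result for a card registered through processPayment().
     *
     * On success the card becomes the user's active default card, the order records the
     * PAY.JP card id, and payment_token is cleared so the link cannot be used again.
     *
     * NOTE(review): the local card and order updates run before the PAY.JP customer
     * update. If that remote call throws, the card is already active and default while
     * the order still holds its token. Consider a transaction or reordering.
     *
     * @param mixed $token Payment-link token taken from the route.
     */
    public function completeThreeDSecure(Request $request, $token, PayjpThreeDSecureService $threeDSecure)
    {
        $order = $this->findUnpaidOrder($token);

        if (!$order) {
            return response()->json(['error' => 'お支払いリンクが無効です。'], 400);
        }

        // Enforce the same expiry rule as the other two endpoints. Without it, an expired
        // link could still be used to activate a card and attach it to the order.
        if ($this->paymentLinkExpired($order)) {
            return response()->json(['error' => 'お支払いリンクの有効期限が切れています。お手数ですが、再度お支払いリンクの発行をご依頼ください。'], 400);
        }

        // card_id is client-supplied. Accept only a scalar, and scope the lookup to the
        // order's owner so the link cannot reference another user's card.
        $cardId = $request->get('card_id');
        $card = is_scalar($cardId)
            ? UserCard::where('id', $cardId)
                ->where('user_id', $order->user_id)
                ->where('is_deleted', 0)
                ->first()
            : null;

        if (!$card || !$card->payjp_three_d_secure_request_id) {
            return response()->json(['error' => '3Dセキュア認証情報が見つかりません。'], 400);
        }

        try {
            // The status is read from PAY.JP via the stored request id, never from the client.
            $result = $threeDSecure->retrieveRequest($card->payjp_three_d_secure_request_id);
            $status = $result['three_d_secure_status'] ?? 'unverified';

            if (!$threeDSecure->isSuccessful($result)) {
                $card->update([
                    'payjp_three_d_secure_status' => $status,
                    'is_activated' => 0,
                    'is_default' => 0,
                ]);

                return response()->json(['error' => '3Dセキュア認証が完了していません。もう一度カード登録を行ってください。'], 400);
            }

            $user = User::find($order->user_id);
            // Clear the default flag on all of the user's cards, then mark this one as default.
            UserCard::where('user_id', $order->user_id)->update(['is_default' => 0]);
            $card->update([
                'payjp_three_d_secure_status' => $status,
                'payjp_three_d_secure_verified_at' => now(),
                'is_activated' => 1,
                'is_default' => 1,
            ]);

            if ($user && $user->payjp_customer_id && $card->payjp_card_id) {
                $customer = \Payjp\Customer::retrieve($user->payjp_customer_id);
                $customer->default_card = $card->payjp_card_id;
                $customer->save();
            }

            // Clearing payment_token makes the link single-use.
            $order->update([
                'payment_token' => null,
                'payment_card_id' => $card->payjp_card_id,
                'updated_at' => now(),
            ]);

            Log::info("OrderPaymentController: 3Dセキュア認証済みカード登録完了 order_id={$order->id}, user_id={$order->user_id}");

            return response()->json(['success' => true, 'message' => 'カード情報を登録しました。着用日の11日前に自動決済が行われます。']);
        } catch (\Exception $e) {
            Log::error("OrderPaymentController: 3Dセキュア確認失敗 order_id={$order->id}, error={$e->getMessage()}");
            return response()->json(['error' => '3Dセキュア認証結果の確認に失敗しました。'], 500);
        }
    }

    /**
     * Look up the unpaid order (payment_status = 0) that owns the given payment token.
     *
     * An empty or non-string token is rejected up front so it can never match orders
     * whose payment_token has already been cleared to null.
     *
     * @param mixed $token
     */
    private function findUnpaidOrder($token): ?Order
    {
        if (!is_string($token) || $token === '') {
            return null;
        }

        return Order::where('payment_token', $token)
            ->where('payment_status', 0) // unpaid
            ->first();
    }

    /**
     * Tell whether the order's payment link has passed payment_token_expires_at.
     * An order without an expiry timestamp never expires.
     */
    private function paymentLinkExpired(Order $order): bool
    {
        return $order->payment_token_expires_at
            && now()->gt($order->payment_token_expires_at);
    }

    /**
     * Validate and normalise the card fields submitted by the client.
     *
     * Expects card_number as digits (spaces allowed), card_exp as "MM/YY" and card_cvc
     * as 3 or 4 digits. Only the shape is checked; PAY.JP decides whether the card is valid.
     *
     * @return array{number: string, exp_month: string, exp_year: string, cvc: string}|null
     *         Normalised fields, or null when any field is missing or malformed.
     */
    private function parseCardInput(Request $request): ?array
    {
        $fields = [];
        foreach (['card_number', 'card_exp', 'card_cvc'] as $key) {
            $value = $request->input($key);
            // Arrays and other non-scalar inputs (e.g. card_number[]=...) are rejected.
            if (!is_string($value) && !is_int($value)) {
                return null;
            }
            $fields[$key] = str_replace(' ', '', trim((string) $value));
        }

        if (preg_match('/^\d{12,19}$/', $fields['card_number']) !== 1) {
            return null;
        }

        if (preg_match('/^(\d{1,2})\/(\d{2})$/', $fields['card_exp'], $expiry) !== 1) {
            return null;
        }

        $month = (int) $expiry[1];
        if ($month < 1 || $month > 12) {
            return null;
        }

        if (preg_match('/^\d{3,4}$/', $fields['card_cvc']) !== 1) {
            return null;
        }

        return [
            'number' => $fields['card_number'],
            'exp_month' => $expiry[1],
            // The form sends a two-digit year, so prefix the century.
            'exp_year' => '20' . $expiry[2],
            'cvc' => $fields['card_cvc'],
        ];
    }
}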
