<?php

namespace customerapi\controllers;


use common\models\Customer;
use Exception;
use Lcobucci\JWT\Token;
use sizeg\jwt\JwtHttpBearerAuth;
use Yii;
use yii\filters\auth\AuthMethod;
use yii\filters\Cors;
use yii\rest\Controller;

class RestController extends Controller
{

    public function behaviors()
    {
        $behaviors = parent::behaviors();
        $behaviors['authenticator'] = [
            'class' => JwtHttpBearerAuth::class,
            'auth' => [$this, 'auth'],
            'optional' => $this->getOptionalActions(),
        ];
        $behaviors['corsFilter'] = [
            'class' => Cors::class,
            'cors' => [
                // restrict access to
                'Origin' => ['https://botondfitness.hu'],
                // Allow credentials (cookies, authorization headers, etc.) to be exposed to the browser
                'Access-Control-Allow-Credentials' => true,
            ]
        ];
        return $behaviors;
    }

    /**
     * This method will check the token
     * @param  Token $token
     * @return Customer|null
     */
    public function auth($token)
    {
        if ( !isset($token ) ) {
            return  null;
        }
        try {
            $uid = (string) $token->getClaim('uid');
            $customer = Customer::findOne(['id_customer' => $uid]);
            if (isset($customer)) {
                \Yii::$app->user->setIdentity($customer);
                    return $customer;
            }
        } catch (Exception $e) {
            Yii::error('Failed to load customer: ' . $e->getMessage());
        }
        return null;
    }

    /**
     * @see AuthMethod::$optional
     * @return array
     */
    protected function  getOptionalActions(){
        return [];
    }


}