<?php

use App\Models\User;
use Illuminate\Support\Facades\Mail;
use App\Mail\Send2FACode;

test('users with email 2fa enabled are redirected to challenge page', function () {
    Mail::fake();

    $user = User::factory()->create([
        'email_2fa_enabled' => true,
    ]);

    $response = $this->post('/login', [
        'email' => $user->email,
        'password' => 'password',
    ]);

    $this->assertGuest();
    $response->assertRedirect(route('two-factor.challenge'));

    $user->refresh();
    expect($user->email_2fa_code)->not->toBeNull();
    expect($user->email_2fa_expires_at)->not->toBeNull();

    Mail::assertSent(Send2FACode::class, function ($mail) use ($user) {
        return $mail->hasTo($user->email) && $mail->code === $user->email_2fa_code;
    });

    $this->assertEquals($user->id, session('two_factor_user_id'));
    $this->assertEquals('email', session('two_factor_type'));
});

test('users can verify their email 2fa code successfully', function () {
    $user = User::factory()->create([
        'email_2fa_enabled' => true,
        'email_2fa_code' => '123456',
        'email_2fa_expires_at' => now()->addMinutes(10),
    ]);

    session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);

    $response = $this->post('/two-factor/challenge', [
        'code' => '123456',
    ]);

    $this->assertAuthenticatedAs($user);
    $response->assertRedirect(route('dashboard'));

    $user->refresh();
    expect($user->email_2fa_code)->toBeNull();
    expect($user->email_2fa_expires_at)->toBeNull();
});

test('users cannot verify incorrect email 2fa code', function () {
    $user = User::factory()->create([
        'email_2fa_enabled' => true,
        'email_2fa_code' => '123456',
        'email_2fa_expires_at' => now()->addMinutes(10),
    ]);

    session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);

    $response = $this->post('/two-factor/challenge', [
        'code' => '654321',
    ]);

    $this->assertGuest();
    $response->assertSessionHasErrors(['code']);
});

test('users can resend email 2fa code', function () {
    Mail::fake();

    $user = User::factory()->create([
        'email_2fa_enabled' => true,
        'email_2fa_code' => '123456',
        'email_2fa_expires_at' => now()->addMinutes(10),
    ]);

    session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);

    $response = $this->post('/two-factor/resend');

    $response->assertSessionHasNoErrors();
    
    $user->refresh();
    expect($user->email_2fa_code)->not->toEqual('123456');

    Mail::assertSent(Send2FACode::class);
});