<?php

namespace App\Core;

use App\Middleware\AuthMiddleware;
use App\Middleware\AdminMiddleware;
use App\Middleware\CsrfMiddleware;

class Application
{
    private Router $router;
    private Database $database;
    private Session $session;
    private array $middleware = [];

    public function __construct()
    {
        $this->router = Router::getInstance();
        $this->database = new Database();
        $this->session = new Session();
        
        // Register middleware
        $this->registerMiddleware();
    }

    public function handle(): void
    {
        try {
            $request = new Request();
            $response = new Response();

            // Apply global middleware
            $this->applyMiddleware($request, $response);

            // Route the request
            $route = $this->router->match($request->getMethod(), $request->getPath());
            
            if (!$route) {
                $this->handleNotFound();
                return;
            }

            // Apply route-specific middleware
            if (isset($route['middleware'])) {
                $this->applyRouteMiddleware($route['middleware'], $request, $response);
            }

            // Execute controller
            $controller = new $route['controller']();
            $method = $route['method'];
            
            // Inject dependencies
            $controller->setRequest($request);
            $controller->setResponse($response);
            $controller->setSession($this->session);
            $controller->setDatabase($this->database);

            // Execute with parameters
            $params = $route['params'] ?? [];
            $result = call_user_func_array([$controller, $method], $params);

            // Send response
            if ($result instanceof Response) {
                $result->send();
            } else {
                $response->setContent($result);
                $response->send();
            }

        } catch (\Exception $e) {
            $this->handleError($e);
        }
    }

    private function registerMiddleware(): void
    {
        $this->middleware = [
            'auth' => AuthMiddleware::class,
            'admin' => AdminMiddleware::class,
            'csrf' => CsrfMiddleware::class,
        ];
    }

    private function applyMiddleware(Request $request, Response $response): void
    {
        // Apply CSRF middleware to all POST requests
        if ($request->getMethod() === 'POST') {
            $csrfMiddleware = new CsrfMiddleware();
            $csrfMiddleware->handle($request, $response);
        }
    }

    private function applyRouteMiddleware(array $middlewareNames, Request $request, Response $response): void
    {
        foreach ($middlewareNames as $name) {
            if (isset($this->middleware[$name])) {
                $middlewareClass = $this->middleware[$name];
                $middleware = new $middlewareClass();
                $middleware->handle($request, $response);
            }
        }
    }

    private function handleNotFound(): void
    {
        http_response_code(404);
        require APP_PATH . '/Views/errors/404.php';
    }

    private function handleError(\Exception $e): void
    {
        if (APP_DEBUG) {
            throw $e;
        }

        error_log($e->getMessage());
        http_response_code(500);
        require APP_PATH . '/Views/errors/500.php';
    }
}