<?php
/**
 * POST /api/register-device
 *
 * Register a Caller Android device.
 *
 * Request body:
 *   {
 *     "device_id": "DEVICE_XXX",
 *     "phone_number": "+9627XXXXXXXX",
 *     "sim_slot": 0,
 *     "app_key": "SECRET_DEVICE_KEY"
 *   }
 */

header('Content-Type: application/json; charset=utf-8');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, X-App-Key');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(204);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => 'method_not_allowed']);
    exit;
}

require_once __DIR__ . '/../includes/Database.php';
require_once __DIR__ . '/../includes/Auth.php';
require_once __DIR__ . '/../includes/Logger.php';

// Authenticate — requires device key
Auth::requireAuth('device');

$input = json_decode(file_get_contents('php://input'), true);

if (!$input || !isset($input['device_id']) || !isset($input['phone_number'])) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'missing_required_fields']);
    RequestLogger::log('register-device', 'POST', $input, 400, 'missing_fields');
    exit;
}

$deviceId = trim($input['device_id']);
$phoneNumber = trim($input['phone_number']);
$simSlot = isset($input['sim_slot']) ? (int) $input['sim_slot'] : 0;

// Validate device_id
if (strlen($deviceId) < 5 || strlen($deviceId) > 50) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'invalid_device_id_length']);
    RequestLogger::log('register-device', 'POST', $input, 400, 'invalid_device_id');
    exit;
}

// Validate phone format
if (!preg_match('/^\+[1-9]\d{6,14}$/', $phoneNumber)) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'invalid_phone_format']);
    RequestLogger::log('register-device', 'POST', $input, 400, 'invalid_phone');
    exit;
}

// Validate sim_slot
if ($simSlot < 0 || $simSlot > 3) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'invalid_sim_slot']);
    RequestLogger::log('register-device', 'POST', $input, 400, 'invalid_sim_slot');
    exit;
}

$db = Database::getInstance();

try {
    // Check if device already registered
    $stmt = $db->prepare("SELECT id, is_active FROM caller_devices WHERE device_id = ?");
    $stmt->execute([$deviceId]);
    $existing = $stmt->fetch();

    if ($existing) {
        // Update existing device (re-registration)
        $stmt = $db->prepare(
            "UPDATE caller_devices
             SET phone_number = ?, sim_slot = ?, is_active = 1, last_seen = NOW()
             WHERE device_id = ?"
        );
        $stmt->execute([$phoneNumber, $simSlot, $deviceId]);

        echo json_encode([
            'success' => true,
            'message' => 'device_updated',
            'device_id' => $deviceId,
        ]);
    } else {
        // Insert new device
        $stmt = $db->prepare(
            "INSERT INTO caller_devices (device_id, phone_number, sim_slot, is_active, last_seen, calls_today, created_at)
             VALUES (?, ?, ?, 1, NOW(), 0, NOW())"
        );
        $stmt->execute([$deviceId, $phoneNumber, $simSlot]);

        echo json_encode([
            'success' => true,
            'message' => 'device_registered',
            'device_id' => $deviceId,
        ]);
    }

    RequestLogger::log('register-device', 'POST', $input, 200);

} catch (\Throwable $e) {
    error_log('register-device error: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['success' => false, 'message' => 'internal_error']);
    RequestLogger::log('register-device', 'POST', $input, 500, $e->getMessage());
}