<?php

namespace App\Actions\Fortify;

use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider;

class EnableTwoFactorAuthentication
{
    /**
     * The two factor authentication provider.
     *
     * @var \Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider
     */
    protected $provider;

    /**
     * Create a new action instance.
     *
     * @param  \Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider  $provider
     * @return void
     */
    public function __construct(TwoFactorAuthenticationProvider $provider)
    {
        $this->provider = $provider;
    }

    /**
     * Enable two factor authentication for the user by generating secrets
     * and storing them temporarily in the session.
     *
     * @param  mixed  $user
     * @return void
     */
    public function __invoke($user)
    {
        $secretKey = $this->provider->generateSecretKey();

        $recoveryCodes = collect(range(1, 8))
            ->map(fn () => Str::random(10).'-'.Str::random(10))
            ->all();

        $qrCodeSvg = $this->provider->qrCodeSvg(
            config('app.name'),
            $user->email,
            $secretKey
        );

        // Store the generated data in the session
        session([
            '2fa_setup_secret' => $secretKey, // Unencrypted secret for display and confirmation
            '2fa_setup_qr_svg' => $qrCodeSvg,
            '2fa_setup_recovery_codes' => encrypt(json_encode($recoveryCodes)), // Encrypt for storage in session
        ]);

        // IMPORTANT: This custom action does NOT save anything to the user model in the database.
        // That will be handled by the custom ConfirmTwoFactorAuthentication action.
    }
}