/* global React */
// ──────────────── Auth / User module ────────────────

const AUTH_LS_USERS = "crubank_users_v1";
const AUTH_LS_CURRENT = "crubank_current_user";
const AUTH_LS_UNLOCKED_PREFIX = "crubank_unlocked_"; // + userId

// Tiny non-crypto hash — enough to avoid plaintext passwords in localStorage for demo
function hashPw(s) {
  let h = 5381;
  for (let i = 0; i < s.length; i++) h = ((h << 5) + h + s.charCodeAt(i)) | 0;
  // mix
  let h2 = 0;
  for (let i = 0; i < s.length; i++) h2 = Math.imul(31, h2) + s.charCodeAt(i) | 0;
  return (h >>> 0).toString(16) + "-" + (h2 >>> 0).toString(16);
}

function uid() {
  return "u_" + Date.now().toString(36) + "_" + Math.random().toString(36).slice(2, 7);
}

function loadUsers() {
  try {
    const raw = localStorage.getItem(AUTH_LS_USERS);
    if (!raw) return [];
    const arr = JSON.parse(raw);
    return Array.isArray(arr) ? arr : [];
  } catch { return []; }
}

function saveUsers(users) {
  try { localStorage.setItem(AUTH_LS_USERS, JSON.stringify(users)); } catch {}
}

function loadCurrentUser() {
  try {
    const id = localStorage.getItem(AUTH_LS_CURRENT);
    if (!id) return null;
    return loadUsers().find(u => u.id === id) || null;
  } catch { return null; }
}

function setCurrentUser(user) {
  if (user) localStorage.setItem(AUTH_LS_CURRENT, user.id);
  else localStorage.removeItem(AUTH_LS_CURRENT);
}

function loadUserUnlocked(userId) {
  if (!userId) return new Set();
  try {
    const raw = localStorage.getItem(AUTH_LS_UNLOCKED_PREFIX + userId);
    if (!raw) return new Set();
    const arr = JSON.parse(raw);
    return new Set(Array.isArray(arr) ? arr.map(Number) : []);
  } catch { return new Set(); }
}

function saveUserUnlocked(userId, set) {
  if (!userId) return;
  try {
    localStorage.setItem(AUTH_LS_UNLOCKED_PREFIX + userId, JSON.stringify([...set]));
  } catch {}
}

// ──────── Auth API ────────
function registerUser({ name, email, password }) {
  const users = loadUsers();
  const emailNorm = email.trim().toLowerCase();
  if (users.some(u => u.email === emailNorm)) {
    return { ok: false, error: "อีเมลนี้มีผู้ใช้งานแล้ว ลองเข้าสู่ระบบแทน" };
  }
  const user = {
    id: uid(),
    name: name.trim(),
    email: emailNorm,
    pwHash: hashPw(password),
    createdAt: new Date().toISOString(),
  };
  users.push(user);
  saveUsers(users);
  setCurrentUser(user);
  return { ok: true, user };
}

function loginUser({ email, password }) {
  const users = loadUsers();
  const emailNorm = email.trim().toLowerCase();
  const u = users.find(x => x.email === emailNorm);
  if (!u) return { ok: false, error: "ไม่พบบัญชีนี้ ลองสมัครสมาชิกก่อน" };
  if (u.pwHash !== hashPw(password)) return { ok: false, error: "รหัสผ่านไม่ถูกต้อง" };
  setCurrentUser(u);
  return { ok: true, user: u };
}

function logoutUser() { setCurrentUser(null); }

function deleteUser(userId) {
  saveUsers(loadUsers().filter(u => u.id !== userId));
  try { localStorage.removeItem(AUTH_LS_UNLOCKED_PREFIX + userId); } catch {}
}

// ──────── Validation ────────
function validateRegister({ name, email, password, confirm }) {
  const errs = {};
  if (!name || name.trim().length < 2) errs.name = "กรุณาใส่ชื่อ-นามสกุล";
  if (!email || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) errs.email = "รูปแบบอีเมลไม่ถูกต้อง";
  if (!password || password.length < 6) errs.password = "รหัสผ่านอย่างน้อย 6 ตัวอักษร";
  if (password !== confirm) errs.confirm = "รหัสผ่านไม่ตรงกัน";
  return errs;
}
function validateLogin({ email, password }) {
  const errs = {};
  if (!email) errs.email = "กรุณาใส่อีเมล";
  if (!password) errs.password = "กรุณาใส่รหัสผ่าน";
  return errs;
}

window.AuthModule = {
  loadUsers, saveUsers, loadCurrentUser, setCurrentUser,
  loadUserUnlocked, saveUserUnlocked,
  registerUser, loginUser, logoutUser, deleteUser,
  validateRegister, validateLogin,
  hashPw,
};