<?php
/** @phpstan-var \Gazelle\User $Viewer */
/** @phpstan-var \Twig\Environment $Twig */

declare(strict_types=1);

namespace Gazelle;

$userId = (int)($_GET['user_id'] ?? $Viewer->id);
$user = new User($userId);

$tokenId = (int)($_GET['token_id'] ?? 0);
$error = null;
$token = null;
$tokenName = '';

$_GET['do'] ??= '';

if (strlen($_GET['do']) && $userId !== $Viewer->id && !$Viewer->permitted('users_mod')) {
    Error403::error();
}

if ($_GET['do'] === 'revoke') {
    $user->revokeApiTokenById($tokenId);
    header("Location: {$user->location()}&action=edit");
    exit;
} elseif ($_GET['do'] === 'generate') {
    $tokenName = trim($_POST['token_name'] ?? '');
    if (!strlen($tokenName)) {
        $error = 'You must supply a name for the token.';
    } elseif ($user->hasApiTokenByName($tokenName)) {
        $error = 'You have already generated a token with that name.';
    } else {
        $token = $user->createApiToken($tokenName);
    }
}

if (is_null($token)) {
    echo $Twig->render('user/token-new.twig', [
        'error' => $error,
        'id'    => $userId,
        'token_name' => $tokenName,
    ]);
} else {
    echo $Twig->render('user/token-show.twig', [
        'id'    => $userId,
        'name'  => $tokenName,
        'token' => $token,
    ]);
}