<?php

namespace App\Auth;

use Illuminate\Auth\EloquentUserProvider;
use Illuminate\Contracts\Auth\Authenticatable;

class CustomUserProvider extends EloquentUserProvider
{
    public function validateCredentials(Authenticatable $user, array $credentials): bool
    {
        $plain = $credentials['password'];
        $hashed = $user->getAuthPassword();

        // Check if the stored password is a bcrypt hash
        if ($this->isBcryptHash($hashed)) {
            // Use the hasher to verify the password
            if ($this->hasher->check($plain, $hashed)) {
                return true;
            }
        } else {
            // Fallback for legacy MD5 hashes
            if (md5($plain) === $hashed) {
                // Upgrade the password to bcrypt
                $user->password = $this->hasher->make($plain);
                $user->save();
                return true;
            }
        }

        return false;
    }

    /**
     * Determine if the given hash is a bcrypt hash.
     *
     * @param string $hashedPassword
     * @return bool
     */
    protected function isBcryptHash($hashedPassword): bool
    {
        return password_get_info($hashedPassword)['algo'] === PASSWORD_BCRYPT;
    }
}