<?php
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');

// Configuration
$KIOSK_URL = 'https://www.shops.scales-technology.co.ke/hr_attendance/attendance_barcode_scanned';
$TOKEN = '2c8ea87a-0d62-4415-bd26-13d4936f5713';

// Get barcode from query parameter
$barcode = isset($_GET['barcode']) ? $_GET['barcode'] : '';

if (empty($barcode)) {
    http_response_code(400);
    echo json_encode([
        'success' => false,
        'error' => 'MISSING_BARCODE',
        'message' => 'Barcode parameter is required'
    ]);
    exit;
}

// Prepare JSON request
$jsonData = json_encode([
    'id' => 1,
    'jsonrpc' => '2.0',
    'method' => 'call',
    'params' => [
        'barcode' => $barcode,
        'token' => $TOKEN
    ]
]);

// Use CORS proxy
$proxyUrl = 'https://corsproxy.io/?' . urlencode($KIOSK_URL);

// Send request using cURL
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $proxyUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Content-Type: application/json',
    'Content-Length: ' . strlen($jsonData)
]);

$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($response === false) {
    http_response_code(500);
    echo json_encode([
        'success' => false,
        'error' => 'CURL_ERROR',
        'message' => 'Failed to connect to server'
    ]);
    exit;
}

// Parse response
$data = json_decode($response, true);

if ($data === null) {
    http_response_code(500);
    echo json_encode([
        'success' => false,
        'error' => 'INVALID_RESPONSE',
        'message' => 'Invalid JSON response from server'
    ]);
    exit;
}

// Check if employee found
if (isset($data['result']) && !empty($data['result']) && isset($data['result']['employee_name'])) {
    $result = $data['result'];
    $employeeName = $result['employee_name'];
    $isCheckedIn = ($result['attendance_state'] ?? '') === 'checked_in';
    $hoursToday = $result['hours_today'] ?? 0;
    $checkInTime = '--:--';
    
    if (isset($result['attendance']['check_in'])) {
        $time = strtotime($result['attendance']['check_in'] . ' UTC');
        $checkInTime = date('H:i', $time);
    }
    
    echo json_encode([
        'success' => true,
        'employee_name' => $employeeName,
        'attendance_state' => $result['attendance_state'] ?? 'unknown',
        'hours_today' => (float)$hoursToday,
        'check_in_time' => $checkInTime,
        'message' => $isCheckedIn ? 'Welcome! Have a productive day' : 'Goodbye! Thank you for your work'
    ]);
} elseif (isset($data['error'])) {
    echo json_encode([
        'success' => false,
        'error' => 'API_ERROR',
        'message' => $data['error']['message'] ?? 'API returned an error'
    ]);
} else {
    // Empty result
    echo json_encode([
        'success' => false,
        'error' => 'EMPLOYEE_NOT_IDENTIFIED',
        'message' => 'Employee not found'
    ]);
}
?>