<?php
/**
 * API pour vérifier le statut de la vérification faciale en temps réel
 * Utilisé par le prestataire pour savoir quand l'assuré a validé
 */

header('Content-Type: application/json');
require_once 'config.php';
require_once 'database.php';

$requestId = $_GET['request_id'] ?? null;

if (!$requestId) {
    echo json_encode([
        'success' => false,
        'message' => 'ID de requête manquant'
    ]);
    exit;
}

$db = new Database();
$conn = $db->getConnection();

// Récupérer le statut de la vérification
$sql = "SELECT vr.*, pas.session_token
        FROM facial_verification_requests vr
        LEFT JOIN prestation_authorization_sessions pas 
            ON vr.id = pas.verification_request_id 
            AND pas.status = 'active'
        WHERE vr.id = ?";

$stmt = $conn->prepare($sql);
$stmt->execute([$requestId]);
$request = $stmt->fetch(PDO::FETCH_ASSOC);

if (!$request) {
    echo json_encode([
        'success' => false,
        'message' => 'Requête non trouvée'
    ]);
    exit;
}

// Calculer le temps restant
$now = new DateTime();
$expiresAt = new DateTime($request['expires_at']);
$interval = $now->diff($expiresAt);
$secondsRemaining = ($expiresAt->getTimestamp() - $now->getTimestamp());

echo json_encode([
    'success' => true,
    'status' => $request['status'],
    'attempts' => $request['attempts'],
    'match_confidence' => $request['match_confidence'],
    'session_token' => $request['session_token'],
    'seconds_remaining' => max(0, $secondsRemaining),
    'verified_at' => $request['verified_at']
]);