<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Models\User;
use App\Rules\NotDisposableEmail;
use Illuminate\Auth\Events\Registered;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules\Password;

class RegisteredUserController extends Controller
{
    public function create()
    {
        return view('auth.register');
    }

    public function store(Request $request)
    {
        // Honeypot — bots fill hidden fields; real users never do
        if ($request->filled('_hp')) {
            // Silently appear to succeed to confuse the bot
            return redirect()->route('login');
        }

        $request->validate([
            'name'        => ['required', 'string', 'max:255'],
            'email'       => ['required', 'string', 'email', 'max:255', 'unique:users', new NotDisposableEmail],
            'password'    => ['required', 'confirmed', Password::defaults()],
            'birthday'    => ['required', 'date', 'before:today'],
            'gender'      => ['required', 'in:male,female'],
            'nationality' => ['required', 'string', 'size:2'],
        ]);

        $user = User::create([
            'name'        => $request->name,
            'email'       => $request->email,
            'password'    => Hash::make($request->password),
            'birthday'    => $request->birthday,
            'gender'      => $request->gender,
            'nationality' => $request->nationality,
        ]);

        event(new Registered($user));

        auth()->login($user);

        return redirect()->route('verification.notice');
    }
}