<?php
// verify_subscription.php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET");
require_once __DIR__ . '/config.php';
require_once __DIR__ . '/config/auth.php';

header('Content-Type: application/json; charset=utf-8');

try {
    // Authenticate the request
    $userID = authenticateRequest();
    
    // Check subscription status
    $stmt = $pdo->prepare("SELECT subscription_status, subscription_id, trial_end_date FROM ibeammac_iScan.employees WHERE tkey = ?");
    $stmt->execute([$userID]);
    $subscriptionData = $stmt->fetch(PDO::FETCH_ASSOC);
    
    if (!$subscriptionData) {
        echo json_encode([
            "success" => false,
            "active" => false,
            "message" => "User not found"
        ]);
        exit;
    }
    
    $status = $subscriptionData['subscription_status'];
    
    // Determine if subscription is active
    $isActive = in_array($status, ['active', 'trialing']);
    
    // Get additional info
    $trialEnding = null;
    if ($status === 'trialing' && !empty($subscriptionData['trial_end_date'])) {
        $trialEnding = $subscriptionData['trial_end_date'];
    }
    
    echo json_encode([
        "success" => true,
        "active" => $isActive,
        "status" => $status,
        "trial_end" => $trialEnding
    ]);
    
} catch (Exception $e) {
    http_response_code(401);
    echo json_encode([
        "success" => false,
        "active" => false,
        "message" => $e->getMessage()
    ]);
}
?>