<?php

namespace App\Console\Commands;

use App\Models\BastionAccount;
use Illuminate\Console\Command;
use Illuminate\Support\Str;

class BastionRefreshTokensCommand extends Command
{
    protected $signature = 'bastion:refresh-tokens';

    protected $description = 'Refresh USM and USM-AUTHENTICATION for active bastion accounts';

    public function handle(): int
    {
        BastionAccount::query()->where('is_active', true)->chunkById(100, function ($accounts): void {
            foreach ($accounts as $account) {
                $account->update([
                    'usm_authentication' => Str::uuid()->toString(),
                    'usm' => hash('sha256', Str::uuid()->toString()),
                    'last_token_refreshed_at' => now(),
                ]);
            }
        });

        $this->info('Bastion tokens refreshed.');

        return self::SUCCESS;
    }
}