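package routes

import (
	"context"
	"log/slog"
	"net/http"

	"gitea.henriburau.de/haw-lan/cod4watcher/services"
	"gitea.henriburau.de/haw-lan/cod4watcher/views"
)

// OnlyAuthenticatedMiddleware rejects requests that carry no valid session.
//
// A request is passed on to next only when getSession yields a non-nil
// session. In every other case (no cookie, lookup error, expired session) the
// response is 401 Unauthorized and next is never invoked, so the check fails
// closed.
func OnlyAuthenticatedMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(r)
		if err != nil {
			// NOTE(review): a request without the cookie also lands here
			// (r.Cookie returns http.ErrNoCookie), so anonymous traffic is
			// logged at error level.
			slog.Error("failed to optain session", "err", err)
		}

		if session == nil {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		// The handler must own the response from here on. Previously the code
		// fell through to WriteHeader(401) after next had run, which turned an
		// authenticated request whose handler wrote nothing into a 401 and
		// triggered a superfluous WriteHeader call otherwise.
		next.ServeHTTP(w, r)
	})
}

// AuthMiddleware attaches the session's username to the request context under
// views.AuthContext and always calls next.
//
// It does not enforce authentication: when there is no valid session the
// stored username is the empty string. Handlers that must be restricted need
// OnlyAuthenticatedMiddleware (or their own check) in addition.
func AuthMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(r)
		if err != nil {
			slog.Error("error getting token", "err", err)
		}

		// Empty string marks an anonymous request for downstream readers of
		// views.AuthContext.
		var username string
		if session != nil {
			username = session.Username
		}

		ctx := context.WithValue(r.Context(), views.AuthContext, username)
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}

// getSession resolves the "session_token" cookie of r to a session.
//
// It returns (nil, err) when the cookie is missing or services.GetSession
// fails, (nil, nil) when no usable session exists (absent or expired), and
// (session, nil) for a live session. Expired sessions are removed via
// services.RemoveSession before returning.
func getSession(r *http.Request) (*services.Session, error) {
	c, err := r.Cookie("session_token")
	if err != nil {
		return nil, err
	}
	sessionToken := c.Value

	session, err := services.GetSession(sessionToken)
	if err != nil {
		return nil, err
	}

	// Guard in case services.GetSession reports an unknown token as
	// (nil, nil) — its contract is not visible here; without this check
	// IsExpired would be called on a nil *services.Session.
	if session == nil {
		return nil, nil
	}

	if session.IsExpired() {
		services.RemoveSession(sessionToken)
		return nil, nil
	}

	return session, nil
}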