package auth

import (
	"log"
	"net/http"

	"lishwist/db"
	"lishwist/env"

	"github.com/gorilla/sessions"
)

type AuthMiddleware struct {
	Store            *sessions.CookieStore
	protectedHandler http.Handler
	publicHandler    http.Handler
}

func (auth *AuthMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	session, _ := auth.Store.Get(r, "lishwist_user")
	authorized, _ := session.Values["authorized"].(bool)
	if !authorized {
		auth.publicHandler.ServeHTTP(w, r)
	} else {
		auth.protectedHandler.ServeHTTP(w, r)
	}
}

func (auth *AuthMiddleware) ExpectUser(r *http.Request) *db.User {
	session, _ := auth.Store.Get(r, "lishwist_user")
	username, ok := session.Values["username"].(string)
	if !ok {
		log.Fatalln("Failed to get username")
	}

	user, err := db.GetUser(username)
	if err != nil {
		log.Fatalf("Failed to get user: %s\n", err)
	}
	return user
}

func NewAuthMiddleware(protectedHandler http.Handler, publicHandler http.Handler) *AuthMiddleware {
	store := sessions.NewCookieStore([]byte(env.Secret))
	store.Options.MaxAge = 86_400
	return &AuthMiddleware{store, protectedHandler, publicHandler}
}