package middleware

import (
	"context"
	"fmt"
	"net/http"
	"nilfm.cc/git/quartzgun/auth"
	"nilfm.cc/git/quartzgun/cookie"
)

func Protected(next http.Handler, method string, userStore auth.UserStore) http.Handler {
	handlerFunc := func(w http.ResponseWriter, req *http.Request) {
		user, err := cookie.GetToken("user", req)
		if err == nil {
			session, err := cookie.GetToken("session", req)
			if err == nil {
				login, err := userStore.ValidateUser(user, session)
				if err == nil && login {
					fmt.Printf("authorized!\n")
					fmt.Printf("user: %s, session: %s\n", user, session)
					req.Method = method
					next.ServeHTTP(w, req)
					return
				}
			}
		}
		fmt.Printf("unauthorized...\n")
		req.Method = http.MethodGet
		http.Redirect(w, req, "/login", http.StatusSeeOther)
	}

	return http.HandlerFunc(handlerFunc)
}

func Authorize(next string, userStore auth.UserStore) http.Handler {
	handlerFunc := func(w http.ResponseWriter, req *http.Request) {
		err := auth.Login(
			req.FormValue("user"),
			req.FormValue("password"),
			userStore,
			w,
			24*7*52)
		if err == nil {
			req.Method = http.MethodGet
			fmt.Printf("logged in as %s\n", req.FormValue("user"))
			http.Redirect(w, req, next, http.StatusSeeOther)
		} else {
			*req = *req.WithContext(
				context.WithValue(
					req.Context(),
					"message",
					"Incorrect credentials"))
			fmt.Printf("login failed!\n")
			req.Method = http.MethodGet
			http.Redirect(w, req, "/login", http.StatusSeeOther)
		}
	}

	return http.HandlerFunc(handlerFunc)
}