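package main

import (
	"crypto/rand"
	"net/http"
	"strings"

	"github.com/gorilla/sessions"
	"github.com/labstack/echo/v4"

	"myproject/tools"
)

// mustRandomKey returns n bytes read from crypto/rand and panics if the read
// fails, so that no caller ever receives a partly unfilled (zeroed) key.
func mustRandomKey(n int) []byte {
	key := make([]byte, n)
	if _, err := rand.Read(key); err != nil {
		panic("auth store: reading random key material: " + err.Error())
	}
	return key
}

// NewAuthStore builds the cookie-backed session store used for authentication.
//
// Both keys are drawn from crypto/rand on every call: a 32-byte key that
// authenticates the cookie and a 16-byte key that encrypts it. Nothing is
// persisted, so a cookie issued by one store cannot be decoded by a store
// created later (after a restart, or in another instance).
//
// It panics if the random source reports an error. The previous code discarded
// that error and would have keyed the store with zero-filled buffers.
func NewAuthStore() *sessions.CookieStore {
	authKey := mustRandomKey(32)
	encKey := mustRandomKey(16)

	s := sessions.NewCookieStore(authKey, encKey)

	// NOTE(review): Secure is switched off, so the browser will also send the
	// session cookie over plain HTTP. Left as-is because the deployment is not
	// visible from this file; enable it wherever the service is reached via TLS.
	s.Options.Secure = false
	// NOTE(review): SameSiteDefaultMode does not pin an explicit policy.
	// Confirm whether Lax or Strict should be requested here.
	s.Options.SameSite = http.SameSiteDefaultMode
	// The session cookie is only consumed server-side, so keep it out of reach
	// of page scripts.
	s.Options.HttpOnly = true
	// One hour, applied to the cookie options and to the store's codecs.
	s.MaxAge(3600)
	return s
}

// setAuth installs two middlewares on g and returns g.
//
// The first loads the session named tools.SessionName from the store kept in
// the request context under "authStore", rejects the request with 401 unless
// the session carries a user name, and publishes the normalised address, its
// local part and its domain under tools.UserCtxKey, tools.LpCtxKey and
// tools.DomainCtxKey.
//
// The second, active only when onlyAdmin is true, rejects every request whose
// tools.GetUser(c) value is not exactly "admin".
func setAuth(onlyAdmin bool, g *echo.Group) *echo.Group {
	authenticate := func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			// Checked assertion: a missing or mistyped store is a wiring
			// error and must not panic inside the request path.
			store, ok := c.Get("authStore").(*sessions.CookieStore)
			if !ok || store == nil {
				return echo.ErrInternalServerError
			}

			// A cookie that fails to decode (tampered, expired, or written
			// with other keys) is treated as "not logged in" explicitly,
			// rather than relying on the returned session being empty.
			sess, err := store.New(c.Request(), tools.SessionName)
			if err != nil || sess == nil {
				return echo.ErrUnauthorized
			}

			// Absent and non-string values are both rejected; the unchecked
			// assertion used before would panic on the latter.
			name, ok := sess.Values[tools.UserNameSessionKey].(string)
			if !ok {
				return echo.ErrUnauthorized
			}

			email, lp, domain := SplitEmail(name)
			if email == "" {
				// An empty identity must never count as authenticated.
				return echo.ErrUnauthorized
			}

			c.Set(tools.UserCtxKey, email)
			c.Set(tools.LpCtxKey, lp)
			c.Set(tools.DomainCtxKey, domain)
			return next(c)
		}
	}

	adminOnly := func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			// NOTE(review): presumably tools.GetUser reads the value stored
			// under tools.UserCtxKey above; confirm, since the admin decision
			// rests entirely on that string comparing equal to "admin".
			// NOTE(review): an authenticated non-admin receives 401 here;
			// 403 would describe the situation better, but the status is kept
			// so existing clients see no change.
			if onlyAdmin && tools.GetUser(c) != "admin" {
				return echo.ErrUnauthorized
			}
			return next(c)
		}
	}

	g.Use(authenticate, adminOnly)
	return g
}

// SplitEmail normalises toSplit (surrounding whitespace trimmed, lower-cased)
// and splits it at "@".
//
// email is the whole normalised string, user is the text before the first "@",
// and domain is the text between the first and the second "@" (or up to the
// end when there is only one). Without any "@", user equals email and domain
// is empty. No further validation of the address is performed, so callers
// that make trust decisions on user or domain should validate the input first.
func SplitEmail(toSplit string) (email, user, domain string) {
	email = strings.ToLower(strings.TrimSpace(toSplit))

	// Three pieces are enough: anything after a second "@" is ignored, exactly
	// as it was when the string was split on every "@".
	pieces := strings.SplitN(email, "@", 3)
	user = pieces[0]
	if len(pieces) > 1 {
		domain = pieces[1]
	}
	return email, user, domain
}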