package middleware

import (
	"context"
	"net/http"

	"codeberg.org/nextgo/dbots/internal/db"
	"codeberg.org/nextgo/dbots/internal/errorutil"
	"github.com/go-chi/render"
)

type contextKey string

const userKey contextKey = "user"

var mainUserID = "774287684944134155"

// AuthMiddleware is a middleware to set the user as context value.
// this middleware does not prevents the user from accessing the route
// if not authorized.
func AuthMiddleware(q *db.Queries) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			user, err := q.GetUser(r.Context(), mainUserID)
			if err != nil {
				user, _ = q.CreateUser(r.Context(), db.CreateUserParams{
					ID:       mainUserID,
					Username: "elisiei",
				})
			}

			q.CreateUser(r.Context(), db.CreateUserParams{
				ID:       "740358234002686004",
				Username: "ulysses_ck",
			}) //test

			ctx := context.WithValue(r.Context(), userKey, user) // mocked
			next.ServeHTTP(w, r.WithContext(ctx))
		})
	}
}

// AuthGuardMiddleware is a middleware that prevents the user
// from accessing the route if they are NOT authorized.
func AuthGuardMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		_, ok := r.Context().Value(userKey).(*db.User)
		if !ok {
			render.Render(w, r, errorutil.ErrUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func GetUser(ctx context.Context) *db.User {
	user, ok := ctx.Value(userKey).(*db.User)
	if !ok {
		return nil
	}
	return user
}