package api

import (
	"net/http"

	"git.nochill.in/nochill/hiling_go/util/token"
	"github.com/gin-gonic/gin"
)

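// NOTE: CORSMiddleware is disabled. If it is re-enabled, do not combine
// Access-Control-Allow-Origin "*" with Access-Control-Allow-Credentials "true":
// browsers refuse that pairing for credentialed requests, and because this API
// authenticates by cookie, the origin should be matched against an explicit
// allow-list rather than a wildcard.
// func CORSMiddleware() gin.HandlerFunc {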
// 	return func(ctx *gin.Context) {
// 		ctx.Writer.Header().Set("Access-Control-Allow-Origin", "*")
// 		ctx.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
// 		ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
// 		ctx.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")

// 		if ctx.Request.Method == "OPTIONS" {
// 			ctx.AbortWithStatus(204)
// 			return
// 		}

// 		ctx.Next()
// 	}
// }

// authorizationPayloadKey is the gin context key under which authMiddleware
// stores the verified token payload.
const authorizationPayloadKey = "authorization_payload"

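// authMiddleware returns a gin handler that authenticates a request from the
// "paseto" cookie.
//
// The cookie value is passed to tokenMaker.VerifyToken. On success the returned
// payload is stored in the gin context under authorizationPayloadKey and the
// next handler runs. If the cookie is missing or the token does not verify, the
// request is aborted with 401 Unauthorized and no later handler runs.
func authMiddleware(tokenMaker token.Maker) gin.HandlerFunc {
	return func(ctx *gin.Context) {
		rawToken, err := ctx.Cookie("paseto")
		if err != nil {
			// No cookie means no credentials were presented.
			ctx.AbortWithStatusJSON(http.StatusUnauthorized, ErrorResponse(err, "Unauthorized"))
			return
		}

		payload, err := tokenMaker.VerifyToken(rawToken)
		if err != nil {
			// A token that fails verification is an authentication failure on
			// the client's side, so answer 401 rather than 500. A 500 here
			// would let anyone sending a bad cookie generate server-error
			// noise and would hide rejected tokens from auth-failure
			// monitoring.
			// NOTE(review): ErrorResponse receives the raw verification error;
			// confirm it does not echo verifier internals back to the client.
			ctx.AbortWithStatusJSON(http.StatusUnauthorized, ErrorResponse(err, "Something went wrong while try to verify token"))
			return
		}

		// Expose the verified payload to downstream handlers.
		ctx.Set(authorizationPayloadKey, payload)
		ctx.Next()
	}
}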