package api

import (
	"fmt"
	"net/http"
	"smm2_gameserver/config"
	"smm2_gameserver/nex/datastore"
	"smm2_gameserver/orm"

	"github.com/gorilla/mux"
	"gorm.io/gorm"
)

var jwtSecret []byte
var db *gorm.DB
var cfg *config.Config
var router *mux.Router

func GetUser(id int64) (orm.User, error) {
	var user orm.User
	result := db.Preload("Role").First(&user, "id = ?", id)
	if result.Error != nil {
		return user, result.Error
	}
	return user, nil
}

var eulaBypassPaths = map[string]bool{
	"/api/accept_eula":  true,
	"/api/auth/refresh": true,
	"/api/user":         true,
	"/mm2":              true,
}

func Secure(path string, handler func(http.ResponseWriter, *http.Request, orm.User)) *mux.Route {
	return router.Handle(path, jwtMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user, err := GetUser(getUserId(r))
		if err != nil {
			reportError(w, r, err)
			return
		}
		if !eulaBypassPaths[path] {
			if !dataView.EulaAccepted(datastore.Pid(user.ID)) {
				fmt.Println("EULA not accepted", user.ID)
				w.WriteHeader(http.StatusForbidden)
				return
			}
		}
		handler(w, r, user)
	})))
}

func InsecureOpt(path string, handler func(http.ResponseWriter, *http.Request, *orm.User)) *mux.Route {
	return router.Handle(path, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		newReq, err := readAuthHeaders(r)

		if err != nil {
			handler(w, r, nil)
			return
		}

		user, err := GetUser(getUserId(newReq))

		if err != nil {
			handler(w, r, nil)
			return
		}

		handler(w, r, &user)
	}))
}

func Insecure(path string, handler func(http.ResponseWriter, *http.Request)) *mux.Route {
	return router.Handle(path, http.HandlerFunc(handler))
}