package Auth

import (
	"errors"
	"net/http"
	"time"

	"git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
	"git.tovijaeschke.xyz/tovi/Envelope/Backend/Models"
)

var (
	Sessions = map[string]Session{}
)

type Session struct {
	UserID   string
	Username string
	Expiry   time.Time
}

func (s Session) IsExpired() bool {
	return s.Expiry.Before(time.Now())
}

func CheckCookie(r *http.Request) (Session, error) {
	var (
		c            *http.Cookie
		sessionToken string
		userSession  Session
		exists       bool
		err          error
	)

	c, err = r.Cookie("session_token")
	if err != nil {
		return userSession, err
	}
	sessionToken = c.Value

	// We then get the session from our session map
	userSession, exists = Sessions[sessionToken]
	if !exists {
		return userSession, errors.New("Cookie not found")
	}

	// If the session is present, but has expired, we can delete the session, and return
	// an unauthorized status
	if userSession.IsExpired() {
		delete(Sessions, sessionToken)
		return userSession, errors.New("Cookie expired")
	}

	return userSession, nil
}

func CheckCookieCurrentUser(w http.ResponseWriter, r *http.Request) (Models.User, error) {
	var (
		userSession Session
		userData    Models.User
		err         error
	)

	userSession, err = CheckCookie(r)
	if err != nil {
		return userData, err
	}

	userData, err = Database.GetUserById(userSession.UserID)
	if err != nil {
		return userData, err
	}

	if userData.ID.String() != userSession.UserID {
		return userData, errors.New("Is not current user")
	}

	return userData, nil
}