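// Package auth provides session-backed authentication helpers and an HTTP
// middleware that gates handlers behind a logged-in session.
package auth

import (
	"log"
	"net/http"

	"github.com/alexedwards/scs/v2"
)

// SessionKeyUserID is the session key under which the authenticated user's
// ID is stored.
const SessionKeyUserID = "user_id"

// Middleware provides authentication middleware backed by an scs session
// manager.
//
// Every method that takes a request reads the session from r.Context(), so
// the request must already have passed through the session manager's own
// load/save middleware.
type Middleware struct {
	sessions *scs.SessionManager
}

// NewMiddleware creates a new auth middleware that uses sessions as its
// session store.
func NewMiddleware(sessions *scs.SessionManager) *Middleware {
	return &Middleware{sessions: sessions}
}

// RequireAuth wraps next so that unauthenticated requests are redirected to
// /login with 303 See Other and never reach next.
func (m *Middleware) RequireAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !m.IsAuthenticated(r) {
			http.Redirect(w, r, "/login", http.StatusSeeOther)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// IsAuthenticated reports whether the request's session contains a user ID.
//
// It only checks that the key is present; it does not verify that the user
// still exists or is still allowed to sign in. Handlers that need that
// guarantee must look the user up themselves.
func (m *Middleware) IsAuthenticated(r *http.Request) bool {
	return m.sessions.Exists(r.Context(), SessionKeyUserID)
}

// GetUserID returns the authenticated user's ID from the session.
//
// scs returns the zero value when the key is missing or is not an int64, so
// 0 must be treated as "no user" by callers rather than as a valid ID.
func (m *Middleware) GetUserID(r *http.Request) int64 {
	return m.sessions.GetInt64(r.Context(), SessionKeyUserID)
}

// SetUserID stores the user ID in the session (called after successful
// login).
//
// The session token is renewed before the ID is written, so a token that
// was issued before authentication is never promoted to an authenticated
// session (session fixation). If renewal fails the ID is not stored and the
// failure is logged: the signature has no error return, so the method fails
// closed and the caller sees an unauthenticated session on the next request.
func (m *Middleware) SetUserID(r *http.Request, userID int64) {
	ctx := r.Context()
	if err := m.sessions.RenewToken(ctx); err != nil {
		log.Printf("auth: renewing session token before login: %v", err)
		return
	}
	m.sessions.Put(ctx, SessionKeyUserID, userID)
}

// ClearSession destroys the whole session, not just the user ID (called on
// logout). All session data is removed from the store, and the error from
// the store, if any, is returned.
func (m *Middleware) ClearSession(r *http.Request) error {
	return m.sessions.Destroy(r.Context())
}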