package middleware

import (
	"fmt"
	jwtware "github.com/gofiber/contrib/jwt"
	"github.com/gofiber/fiber/v2"
	"github.com/golang-jwt/jwt/v5"
	"github.com/google/uuid"
	"os"
	"relay-server/model"
	"relay-server/utils"
)

func Protected() fiber.Handler {
	return jwtware.New(jwtware.Config{
		SigningKey:   jwtware.SigningKey{Key: []byte(os.Getenv("JWT_SECRET"))},
		ErrorHandler: jwtError,
		TokenLookup:  "cookie:token",
		Claims:       &model.UserClaims{},
		SuccessHandler: func(c *fiber.Ctx) error {
			user := c.Locals("user").(*jwt.Token)
			claims := user.Claims.(*model.UserClaims)
			userID, err := uuid.Parse(claims.UserID)
			if err != nil {
				return utils.NewError(utils.ErrInternal, "internal server error", fmt.Errorf("failed to parse user ID: %w", err))
			}
			c.Locals("userID", userID)
			c.Locals("username", claims.Username)
			return c.Next()
		},
	})
}

func jwtError(c *fiber.Ctx, err error) error {
	if err.Error() == "Missing or malformed JWT" {
		return c.Status(fiber.StatusBadRequest).
			JSON(fiber.Map{"error": "Missing or malformed token"})
	}
	return c.Status(fiber.StatusUnauthorized).
		JSON(fiber.Map{"error": "Invalid or expired token"})
}