package middlewares

import (
	"fmt"
	"net/http"
	"strings"
	"system-trace/core/app/constants"
	"system-trace/core/utils"

	"github.com/gofiber/fiber/v2"
)

func ValidateSession(c *fiber.Ctx) error {
	header := c.GetReqHeaders()[http.CanonicalHeaderKey("Authorization")]
	if len(header) <= 0 || len(header[0]) <= 0 || !validateToken(c, header[0]) {
		return c.Status(http.StatusForbidden).JSON(fiber.Map{
			"error": constants.UNAUTHORIZED,
		})
	}

	return c.Next()
}

func validateToken(c *fiber.Ctx, hash string) bool {
	splitted := strings.Split(hash, " ")
	if len(splitted) <= 1 {
		return false
	}
	claims, err := utils.ValidateJWT(splitted[1])
	fmt.Println(claims, err)
	// id, ok := claims["ID"].(string)
	// TODO validate date and check refresh token
	if err != nil || claims["iss"] != constants.JWT_APP_ISS {
		return false
	}

	// c.Locals("userId", id)

	return true
}