/*
 * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
 */
package handler

import (
	"context"
	"fmt"

	"mproxy/app/router"
	"mproxy/pkg/auxhttp"
)

const (
	authTag = "authpass"
	userTag = "accountID"
)

func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
	var handlerFunc router.HandlerFunc

	handlerFunc = func(rctx *router.Context) {
		success, err := hand.CheckAccess(rctx)
		if success {
			rctx.SetBool(authTag, true)
		}
		if err != nil {
			hand.logg.Errorf("Authorization middleware error: %v", err)
		}
		next.ServeHTTP(rctx)
	}
	return handlerFunc
}

// Authentification
func (hand *Handler) CheckAccess(rctx *router.Context) (bool, error) {
	var err error
	var success bool
	var username string
	var password string

	authHeader := rctx.GetHeader("Proxy-Authorization")
	hand.logg.Debugf("Proxy-Authorization: [%s]", authHeader)
	if authHeader != "" {
		username, password, err = auxhttp.ParseBasicAuth(authHeader)
		if err != nil {
			return success, err
		}
		success, err := hand.ValidatePassword(rctx.Ctx, username, password)
		if err != nil {
			return false, err
		}
		if !success {
			err = fmt.Errorf("Incorrect username or password")
			return false, err
		}
		return success, err
	}
	return success, err
}

func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, error) {
	var err error
	valid := true
	return valid, err
}