package handlers

import (
	"context"
	"errors"
	"net/http"
)

func (h *Handlers) GetSession(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		sessionCookie, err := r.Cookie("session_token")
		if err != nil {
			msg := "auth failed; failed to get session token from cookies"
			h.log.Debug(msg, "error", err)
			next.ServeHTTP(w, r)
			return
		}
		sessionToken := ""
		if sessionCookie.Value == "" {
			sessionToken = sessionCookie.Value
		}
		userSession, err := h.cacheGetSession(sessionCookie.Value)
		if err != nil {
			msg := "auth failed; session does not exists"
			err = errors.New(msg)
			h.log.Debug(msg, "error", err)
			next.ServeHTTP(w, r)
			return
		}
		if userSession.IsExpired() {
			h.mc.RemoveKey(sessionToken)
			msg := "session is expired"
			h.log.Debug(msg, "error", err, "token", sessionToken)
			next.ServeHTTP(w, r)
			return
		}
		ctx := context.WithValue(r.Context(),
			"username", userSession.Username)
		if err := h.cacheSetSession(sessionToken,
			userSession); err != nil {
			msg := "failed to marshal user session"
			h.log.Warn(msg, "error", err)
			next.ServeHTTP(w, r)
			return
		}
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}