package middleware

import (
	"net/http"

	"github.com/gorilla/sessions"
)

var store = sessions.NewCookieStore([]byte("123456"))

func GetSession(r *http.Request) (*sessions.Session, error) {
	return store.Get(r, "transit")
}

// RequireLogin 登录验证中间件
// 检查用户是否已登录,未登录则重定向到OAuth登录页面
func RequireLogin(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session, err := GetSession(r)
		if err != nil {
			// Session读取失败,保存原始URL后重定向到登录
			session, _ = store.New(r, "transit")
			session.Values["redirect_after_login"] = r.URL.RequestURI()
			session.Save(r, w)
			http.Redirect(w, r, "/oauth/gitea", http.StatusFound)
			return
		}

		// 检查session中是否有用户信息
		userID := session.Values["uid"]
		if userID == nil {
			// 未登录,保存原始URL后重定向到OAuth登录
			session.Values["redirect_after_login"] = r.URL.RequestURI()
			session.Save(r, w)
			http.Redirect(w, r, "/oauth/gitea", http.StatusFound)
			return
		}

		// 已登录,继续处理请求
		next.ServeHTTP(w, r)
	})
}