package middlewares

import (
	"context"
	"net/http"

	"gitea.konchin.com/ytshih/inp2025/game/models"
	"gitea.konchin.com/ytshih/inp2025/game/tracing"
	"gitea.konchin.com/ytshih/inp2025/game/types"
	"github.com/uptrace/bunrouter"
	"go.uber.org/zap"
)

func (self *Handlers) Auth(
	next bunrouter.HandlerFunc,
) bunrouter.HandlerFunc {
	return func(w http.ResponseWriter, req bunrouter.Request) error {
		ctx := req.Context()

		username, password, ok := req.BasicAuth()
		if !ok {
			return HTTPError{
				StatusCode: http.StatusBadRequest,
				Message:    "basic auth wrong format",
			}
		}

		dbUser, err := self.db.GetUser(ctx, username)
		if err != nil {
			return HTTPError{
				StatusCode:  http.StatusBadRequest,
				Message:     "username not exist",
				OriginError: err,
			}
		}

		if dbUser.Password != password {
			tracing.Logger.Ctx(ctx).
				Debug("password input",
					zap.String("input.password", password),
					zap.String("dbuser.password", dbUser.Password))
			return HTTPError{
				StatusCode: http.StatusUnauthorized,
				Message:    "password incorrect",
			}
		}

		user := models.User{
			Username: username,
			Password: password,
		}

		ctx = context.WithValue(ctx, types.User(""), user)
		return next(w, req.WithContext(ctx))
	}
}