package middlewares

import (
	"errors"
	"time"

	"git.readonly.ch/bouzoure/pop-camarades/helpers"
	"git.readonly.ch/bouzoure/pop-camarades/models"
	"github.com/gofiber/fiber/v2"
	"gorm.io/gorm"
)

func SavedSessionMiddleware(c *fiber.Ctx) error {
	sess, err := helpers.GetSessionStore(c)
	if err != nil {
		return err
	}

	if sess.Get("totp-verified") == "yes" {
		return c.Next()
	}

	sessionUUID := c.Cookies("saved-session-uuid")
	sessionSecret := c.Cookies("saved-session-secret")

	if len(sessionUUID) > 0 && len(sessionSecret) > 0 {
		db, err := helpers.GetDatabase()
		if err != nil {
			return err
		}

		var savedSession models.UserSavedSession
		result := db.Find(
			&savedSession,
			"uuid = ? AND expiration >= ?",
			sessionUUID,
			time.Now(),
		)

		if errors.Is(result.Error, gorm.ErrRecordNotFound) || result.RowsAffected < 1 {
			c.ClearCookie("saved-session-uuid")
			c.ClearCookie("saved-session-secret")

			return c.Next()
		}

		if result.Error != nil {
			return result.Error
		}

		if helpers.CheckPasswordHash(sessionSecret, savedSession.Secret) {
			sess.Set("userid", savedSession.UserID)
			sess.Set("totp-verified", "yes")
			sess.Save()
		}
	}

	return c.Next()
}