// Package auth provides authentication-related API endpoints for the Triggersmith application.
// It handles login, logout, and user management operations.
package api_auth

import (
	"net/http"
	"time"

	"git.oblat.lv/alex/triggerssmith/internal/auth"
	"git.oblat.lv/alex/triggerssmith/internal/config"
	"github.com/go-chi/chi/v5"
)

func setRefreshCookie(w http.ResponseWriter, token string, ttl time.Duration, secure bool) {
	http.SetCookie(w, &http.Cookie{
		Name:     "refresh_token",
		Value:    token,
		Path:     "/api/auth/",
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
		MaxAge:   int(ttl.Seconds()),
		Secure:   secure,
	})
}

type authHandler struct {
	cfg *config.Config
	a   *auth.Service
}

func MustRoute(config *config.Config, authService *auth.Service) func(chi.Router) {
	if config == nil {
		panic("config is nil")
	}
	if authService == nil {
		panic("authService is nil")
	}
	h := &authHandler{
		cfg: config,
		a:   authService,
	}
	return func(r chi.Router) {
		r.Get("/getUserData", h.handleGetUserData) // legacy support

		r.Post("/register", h.handleRegister)
		r.Post("/login", h.handleLogin)
		r.Post("/logout", h.handleLogout)   // !requires authentication
		r.Post("/refresh", h.handleRefresh) // !requires authentication

		r.Get("/me", h.handleMe) // !requires authentication
		r.Get("/get-user-data", h.handleGetUserData)

		r.Post("/revoke", h.handleRevoke) // not implemented
	}
}