package middlewares

import (
	"fmt"
	"net/http"
	"xugu_license/internal/global"
	"xugu_license/internal/models"
	tokens "xugu_license/internal/utils/token"

	"github.com/gin-gonic/gin"
)

// UserAuthInfo is the per-request authentication context that
// JwtAuthMiddleware stores in the gin context under the "userInfo" key.
type UserAuthInfo struct {
	// Embedded user record, as returned by models.GetUserInfoByID.
	*models.UserInfo
	// Permission holds the permissions granted by the user's role.
	// JwtAuthMiddleware stores each permission as both key and value, so the
	// map is used as a set for membership checks.
	Permission map[Permission]Permission
}

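// JwtAuthMiddleware returns a gin handler that authenticates a request from
// its token, loads the matching user record, resolves the permissions of the
// user's role from Roles, and stores a *UserAuthInfo in the context under the
// "userInfo" key before handing over to the next handler.
//
// Every failure path aborts the handler chain. In gin, writing a response and
// returning is not enough: unless Abort is called, the remaining handlers for
// the route still run, so a request that failed authentication would reach
// the protected handler anyway.
func JwtAuthMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		if err := tokens.TokenValid(c); err != nil {
			global.Logger.Errorln("token解析失败  ", err.Error())
			c.String(http.StatusUnauthorized, err.Error())
			c.Abort()
			return
		}

		userClaims, err := tokens.ExtractTokenID(c)
		if err != nil {
			global.Logger.Errorln("token认证失败  ", err.Error())
			// Abort so the protected handler never runs without an identity.
			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
				"error": err.Error(),
			})
			return
		}

		userInfo, err := models.GetUserInfoByID(userClaims.UserId)
		if err != nil {
			global.Logger.Errorln("认证获取用户失败 ", err.Error())
			// NOTE(review): the raw lookup error is returned to the client; if
			// GetUserInfoByID can surface storage-layer errors, consider a
			// generic message here and keep the detail in the log only.
			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
				"error": fmt.Sprintln("认证获取用户失败: ", err.Error()),
			})
			return
		}

		// An unknown role yields no permissions at all, so reject it before
		// building the auth context instead of passing an empty set downstream.
		role, exists := Roles[userInfo.Role]
		if !exists {
			global.Logger.Errorln("Role does not exist ")
			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "invalid role"})
			return
		}

		uAuthInfo := UserAuthInfo{
			UserInfo:   userInfo,
			Permission: make(map[Permission]Permission, len(role.Permissions)),
		}
		// Copy the role's permissions into a set for constant-time checks.
		for _, p := range role.Permissions {
			uAuthInfo.Permission[p] = p
		}

		// NOTE(review): this logs the whole auth context on every request.
		// Confirm what the logger prints for the embedded *models.UserInfo and
		// that no credential fields end up in the log; logging the user ID
		// and role alone would be enough for tracing.
		global.Logger.Info("JwtAuthMiddleware u", uAuthInfo)

		c.Set("userInfo", &uAuthInfo)
		c.Next()
	}
}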