package auth

import (
	"net/http"
	"strings"

	"github.com/gin-gonic/gin"

	"gin_test/event"
	"gin_test/pkg/jwt"
)

func JWTMiddleware(jwtSvc *jwt.Service) gin.HandlerFunc {
	return func(c *gin.Context) {
		authHeader := c.GetHeader("Authorization")
		if authHeader == "" {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"code": 401, "message": "missing token"})
			return
		}

		parts := strings.SplitN(authHeader, " ", 2)
		if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"code": 401, "message": "invalid authorization header"})
			return
		}

		tokenString := strings.TrimSpace(parts[1])
		claims, err := jwtSvc.ParseToken(tokenString)
		if err != nil || claims == nil || claims.Username == "" {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"code": 401, "message": "invalid token"})
			return
		}

		// 放入 context，供业务层取用
		c.Set("username", claims.Username)
		c.Set("claims", claims)
		c.Next()
	}
}

// 防止 go vet/静态检查对未使用 import 报错（event 可能用于后续扩展）。
var _ = event.EventJWTTokenIssueRequested