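// Package api wires the HTTP routes of the photodisk service to their
// controllers and starts the server.
package api

import (
	"net/http"
	"path/filepath"
	"time"

	"github.com/gin-gonic/gin"

	"photodisk/internal/auth"
	"photodisk/internal/config"
	"photodisk/internal/controller"
)

// Connection-level limits applied by Start. Only the header-read and idle
// phases are bounded: a client that opens a connection and never finishes its
// request headers would otherwise hold that connection open indefinitely.
// Body read/write timeouts are left unset on purpose, since image uploads and
// downloads may legitimately take long (NOTE(review): add them once a
// reasonable upper bound for transfers is known).
const (
	readHeaderTimeout = 10 * time.Second
	idleTimeout       = 120 * time.Second
)

// AuthMiddleware rejects requests that do not carry a valid session.
//
// It reads the "session_id" cookie and passes it to auth.CheckSession. On
// success the returned user is attached to the request via controller.SetUser
// and the next handler runs. A missing or empty cookie and a failed session
// check both produce the same 401 response, so the reply does not reveal
// which of the two checks failed.
func AuthMiddleware(c *gin.Context) {
	sessionID, err := c.Cookie("session_id")
	if err != nil || sessionID == "" {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	}

	user, err := auth.CheckSession(sessionID)
	if err != nil {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	}

	controller.SetUser(c, user)
	c.Next()
}

// Start registers all routes and serves HTTP on addr until the listener
// fails. It blocks, and returns the error reported by the underlying
// http.Server.
func Start(addr string) error {
	r := gin.Default()

	// Liveness probe; deliberately unauthenticated.
	r.GET("/ping", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{
			"message": "pong",
		})
	})

	r.POST("/login", controller.Login)

	// Album management: every route below runs behind AuthMiddleware.
	r.POST("/albums/new", AuthMiddleware, controller.CreateAlbum)
	r.PUT("/albums/:id", AuthMiddleware, controller.UpdateAlbum)
	r.GET("/albums/:id", AuthMiddleware, controller.GetAlbum)
	r.DELETE("/albums/:id", AuthMiddleware, controller.DeleteAlbum)
	r.GET("/albums", AuthMiddleware, controller.ListAlbums)

	// NOTE(review): these two routes are registered WITHOUT AuthMiddleware, so
	// no session is required and controller.SetUser is never called for them.
	// If albums are not meant to be readable by anyone who knows or guesses an
	// album id, the access check must live inside ListImages / ServeImage.
	// Confirm that this is intentional (e.g. public sharing).
	r.GET("/albums/:id/list", controller.ListImages)
	r.GET("/albums/:id/:image", controller.ServeImage)

	// NOTE(review): the upload path uses the singular "/album/" prefix, unlike
	// every other album route. Kept as is because clients may depend on it.
	r.POST("/album/:id/upload", AuthMiddleware, controller.UploadImage)

	// Static assets and the single-page entry point.
	r.Static("/static", config.Get().Static)
	r.GET("/", func(c *gin.Context) {
		c.File(filepath.Join(config.Get().Static, "index.html"))
	})

	// Serve through an explicit http.Server rather than r.Run so that the
	// header-read and idle timeouts can be set; r.Run offers no way to
	// configure them.
	srv := &http.Server{
		Addr:              addr,
		Handler:           r,
		ReadHeaderTimeout: readHeaderTimeout,
		IdleTimeout:       idleTimeout,
	}
	return srv.ListenAndServe()
}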