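package auth

import (
	"fmt"
	"net/http"
	"time"
)

// SetUserCookie writes the user's token to the response as the "token" cookie.
//
// The cookie is marked Secure (sent over HTTPS only), HttpOnly (not readable
// from page scripts) and SameSite=Strict (not attached to cross-site requests),
// is scoped to the whole site via Path "/", and expires at expiryTime.
func SetUserCookie(w http.ResponseWriter, token string, expiryTime time.Time) {
	http.SetCookie(w, &http.Cookie{
		Name:     "token",
		Value:    token,
		Path:     "/",
		Expires:  expiryTime,
		Secure:   true,
		HttpOnly: true,
		SameSite: http.SameSiteStrictMode,
	})
}

// RemoveUserCookie instructs the client to discard the "token" cookie.
//
// The replacement cookie repeats the Name, Path and security attributes used
// by SetUserCookie so that it targets the same cookie, carries an empty value,
// and is already expired.
//
// NOTE(review): this only clears the client's copy. Whether the token itself
// is revoked server-side is not visible from this file; confirm that logout
// also invalidates the token if it must stop working before its own expiry.
func RemoveUserCookie(w http.ResponseWriter) {
	http.SetCookie(w, &http.Cookie{
		Name:  "token",
		Value: "",
		Path:  "/",
		// Expires is relative to the server clock; a client whose clock is
		// behind could keep the cookie. MaxAge < 0 is sent as "Max-Age: 0",
		// which removes the cookie regardless of clock skew.
		Expires:  time.Now().Add(-time.Hour),
		MaxAge:   -1,
		Secure:   true,
		HttpOnly: true,
		SameSite: http.SameSiteStrictMode,
	})
}

// GetUserIdFromRequest reads the "token" cookie from r and returns the user ID
// that ValidateUserToken reports for its value.
//
// It returns 0 and a non-nil error when the cookie is absent or when
// ValidateUserToken rejects the value. The underlying error is wrapped with
// %w, so callers can distinguish the cases with errors.Is / errors.As (for
// example errors.Is(err, http.ErrNoCookie)); the message text is unchanged.
//
// NOTE(review): the returned error embeds the validator's error text. What
// that text contains is not visible here; prefer logging it and answering the
// client with a generic authentication failure.
func GetUserIdFromRequest(r *http.Request) (uint, error) {
	c, err := r.Cookie("token")
	if err != nil {
		return 0, fmt.Errorf("no token cookie: %w", err)
	}

	// The cookie value is client-controlled; nothing derived from it is
	// trusted until ValidateUserToken (defined elsewhere) accepts it.
	userID, err := ValidateUserToken(c.Value)
	if err != nil {
		return 0, fmt.Errorf("invalid token: %w", err)
	}
	return userID, nil
}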