package middleware

import (
	"net/http"

	"simple_portal/session"

	"github.com/gin-gonic/gin"
)

// AuthRequired returns a Gin middleware that checks for a valid session.
// If the session is invalid or missing, redirects to /admin/login.
func AuthRequired(store *session.SessionStore) gin.HandlerFunc {
	return func(c *gin.Context) {
		sessionID, err := c.Cookie("session_id")
		if err != nil || sessionID == "" {
			c.Redirect(http.StatusFound, "/admin/login")
			c.Abort()
			return
		}

		data := store.Get(sessionID)
		if data == nil {
			c.Redirect(http.StatusFound, "/admin/login")
			c.Abort()
			return
		}

		// Store session data in context for handlers to use
		c.Set("adminID", data.AdminID)
		c.Set("username", data.Username)
		c.Set("sessionID", sessionID)
		c.Next()
	}
}