package session

import (
	"crypto/rand"
	"encoding/hex"
	"sync"
	"time"
)

// SessionData holds the data stored in a session.
type SessionData struct {
	AdminID   int
	Username  string
	CreatedAt time.Time
}

// SessionStore is an in-memory session store with RWMutex for concurrent safety.
type SessionStore struct {
	store map[string]*SessionData
	mu    sync.RWMutex
}

// NewSessionStore creates a new SessionStore instance.
func NewSessionStore() *SessionStore {
	return &SessionStore{
		store: make(map[string]*SessionData),
	}
}

// Create creates a new session for the given admin and returns the session ID.
func (s *SessionStore) Create(adminID int, username string) string {
	sessionID := generateSessionID()
	data := &SessionData{
		AdminID:   adminID,
		Username:  username,
		CreatedAt: time.Now(),
	}

	s.mu.Lock()
	s.store[sessionID] = data
	s.mu.Unlock()

	return sessionID
}

// Get retrieves session data by session ID. Returns nil if not found.
func (s *SessionStore) Get(sessionID string) *SessionData {
	s.mu.RLock()
	defer s.mu.RUnlock()
	return s.store[sessionID]
}

// Delete removes a session by session ID.
func (s *SessionStore) Delete(sessionID string) {
	s.mu.Lock()
	delete(s.store, sessionID)
	s.mu.Unlock()
}

// generateSessionID creates a cryptographically random session ID.
func generateSessionID() string {
	b := make([]byte, 32)
	_, _ = rand.Read(b)
	return hex.EncodeToString(b)
}