package auth

import (
	"github.com/gin-gonic/gin"
	"net/http"
	"strings"
	"sync"
	"vamicro/extend/util"
)

const (
	TokenKey = "abc123456789"
)

type Auth interface {
	Check(c *gin.Context)bool
	User(c *gin.Context)map[string]interface{}
	Login(http *http.Request,w http.ResponseWriter,user map[string]interface{})interface{}
	Logout(http *http.Request,w http.ResponseWriter) bool
}

func GenerateAuthDriver() *Auth {
	var authDriver Auth
	authDriver = NewJwtAuthDriver()
	return &authDriver
}

var outUserM = make(map[string]string,0)
var lock sync.RWMutex

func SetOutUser(userId string) {
	lock.Lock()
	defer lock.Unlock()
	outUserM[userId] = userId
}

func OutUser(userId string) bool {
	lock.Lock()
	defer lock.Unlock()
	if _,ok := outUserM[userId];ok{
		return true
	}
	return false
}

func RemoveOutUser(userId string) {
	lock.Lock()
	defer lock.Unlock()
	if _,ok := outUserM[userId];ok{
		delete(outUserM,userId)
	}
}

var noTokenUrls = []string{
	"/data/api-v/gb28181/findAreaByParentId",
	"/data/api-v/sysinit/getInitInfo",
	"/data/api-v/sysinit/savePassword",
	"/data/api-v/sysinit/networkList",
	"/data/api-v/sysinit/initNetwork",
	"/data/api-v/sysinit/saveRegInfo",
	"/data/api-v/sysinit/getRegInfo",
	"/data/api-u/sys/logout",
}

func AuthHandler() gin.HandlerFunc {
	return func(c *gin.Context) {
		urlPath := c.Request.URL.Path

		if strings.Contains(urlPath,"/data/api-") &&
			!strings.Contains(urlPath,"login") &&
			!strings.Contains(urlPath, "/data/api-v/license") &&
			!strings.Contains(urlPath, "/data/api-v/info/") &&
			!util.ArrayContains(noTokenUrls, urlPath) &&
			!strings.Contains(urlPath, "/data/api-v/token") {
			//Oauth2检查
			token,err := Oauth2Serv.ValidationBearerToken(c.Request)
			if nil == err {
				if !CheckAcl(urlPath) {
					c.JSON(401, gin.H{
						"code": 401,
						"success": false,
						"msg": "接口暂未开放",
						"data": "",
					})
					c.Abort()
					return
				}
				c.Request.Header.Set("Login_user_id", token.GetUserID())
				c.Next()
				//fmt.Print(token.GetUserID())
				return
			} else {
				//fmt.Println(err.Error())
			}
			jwtDriver :=NewJwtAuthDriver()
			if !jwtDriver.Check(c) {
				c.JSON(401, gin.H{
					"code": 401,
					"success": false,
					"msg": "请求未携带Token,无权访问",
					"data": "",
				})
				c.Abort()
				return
			}
			userM := (*jwtDriver).User(c)
			if userM == nil {
				c.JSON(401, gin.H{
					"code": 401,
					"success": false,
					"msg": "请求未携带Token,无权访问",
					"data": "",
				})
				c.Abort()
				return
			}
			userId := userM["id"].(string)
			if OutUser(userId) {
				c.JSON(401, gin.H{
					"code": 401,
					"success": false,
					"msg": "请求未携带Token,无权访问",
					"data": "",
				})
				c.Abort()
				return
			}
			c.Request.Header.Set("Login_user_id", userId)
			c.Next()
		} else {
			c.Next()
		}
	}
}

func GetCurUser(c *gin.Context)map[string]interface{}{
	return (*GenerateAuthDriver()).User(c)
}