package main

import (
	"context"

	"github.com/getkin/kin-openapi/openapi3filter"
	"github.com/labstack/echo/v4"
	oapiMiddleware "github.com/oapi-codegen/echo-middleware"
	appmiddleware "gitrepo.ru/neonxp/nquest/pkg/contextlib"

	"gitrepo.ru/neonxp/nquest/pkg/models"
)

var authFunc = func(ctx context.Context, ai *openapi3filter.AuthenticationInput) error {
	echoCtx := ctx.Value(oapiMiddleware.EchoContextKey).(echo.Context)
	user := appmiddleware.GetUser(echoCtx)
	if user != nil {
		if len(ai.Scopes) > 0 {
			for _, v := range ai.Scopes {
				switch v {
				case "user":
					return nil
				case "creator":
					if user.HasRole(models.RoleCreator) {
						return nil
					}
				case "admin":
					if user.HasRole(models.RoleAdmin) {
						return nil
					}
				}
			}

			return echo.ErrForbidden
		}

		return nil
	}

	return echo.ErrForbidden
}