package middleware

import (
	"errors"
	"net/http"
	"nova_task/internal/model"
)

type AdminSecretCheckMiddleware struct {
	conf model.NhSystemConfigModel
}

func NewAdminSecretCheckMiddleware(conf model.NhSystemConfigModel) *AdminSecretCheckMiddleware {
	return &AdminSecretCheckMiddleware{conf: conf}
}

func (m *AdminSecretCheckMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if key, err := m.conf.GetAdminSecret(r.Context()); err != nil {
			if !errors.Is(err, model.ErrNotFound) {
				http.Error(w, "system error", http.StatusInternalServerError)
				return
			}
		} else {
			apiKey := r.Header.Get("x-admin-secret")
			if apiKey != key {
				http.Error(w, "Invalid API key", http.StatusUnauthorized)
				return
			}
		}
		next(w, r)
	}
}