package middlewares

import (
	"bytes"
	"sparkteam-dash/pkg/utils"
	"time"

	"github.com/gin-gonic/gin"
	"github.com/spf13/cast"
)

func CheckTokenV2() gin.HandlerFunc {
	return func(ctx *gin.Context) {
		auth, stamp := ctx.GetHeader("X-Grave-Sign"), ctx.GetHeader("X-Grave-Stamp")
		data := bytes.Buffer{}
		data.WriteString("grave-")
		data.WriteString(stamp)
		if utils.Md5Content(data.Bytes()) != auth {
			ctx.JSON(403, gin.H{"msg": "sign invalid"})
			ctx.Abort()
			return
		}
		ctx.Next()
	}
}

// CheckTokenV3 签名参数放置到url中，防止无法通过跨域传送域名
func CheckTokenV3() gin.HandlerFunc {
	return func(ctx *gin.Context) {
		auth, stamp := ctx.Query("sign"), ctx.Query("stamp")

		if auth == "dev" {
			ctx.Next()
			return
		}
		data := bytes.Buffer{}
		data.WriteString("sparkteam-")
		data.WriteString(stamp)
		stampInt := cast.ToInt64(stamp)
		if stampInt <= 0 || (stampInt+300 < time.Now().Unix()) {
			ctx.JSON(403, gin.H{"msg": "sign invalid"})
			ctx.Abort()
			return
		}
		if auth == "" || stamp == "" || utils.Md5Content(data.Bytes()) != auth {
			ctx.JSON(403, gin.H{"msg": "sign invalid"})
			ctx.Abort()
			return
		}
		ctx.Next()

	}
}