package middleware

import (
    "net/http"
    "strings"

    "github.com/gin-gonic/gin"
    "go-dy/internal/auth"
    "go-dy/internal/resp"
)

func Auth(secret string) gin.HandlerFunc {
    return func(c *gin.Context) {
        h := c.GetHeader("Authorization")
        if h == "" || !strings.HasPrefix(strings.ToLower(h), "bearer ") {
            resp.Error(c, http.StatusUnauthorized, "missing bearer token")
            c.Abort()
            return
        }
        token := strings.TrimSpace(h[len("Bearer "):])
        username, err := auth.ParseToken(token, secret)
        if err != nil {
            resp.Error(c, http.StatusUnauthorized, "invalid token")
            c.Abort()
            return
        }
        c.Set("username", username)
        c.Next()
    }
}