package middleware

import (
	"me-fit/utils"

	"context"
	"database/sql"
	"net/http"
)

func EnsureValidSession(db *sql.DB, next http.Handler) http.Handler {

	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

		user := utils.GetUserFromSession(db, r)
		if user == nil {
			utils.DoRedirect(w, r, "/auth/signin")
			return
		}

		if !user.EmailVerified && r.URL.Path != "/auth/verify" {
			utils.DoRedirect(w, r, "/auth/verify")
			return
		}

		ctx := context.WithValue(r.Context(), utils.ContextKeyUser, user)

		next.ServeHTTP(w, r.WithContext(ctx))
	})
}