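package mw

import (
	"errors"
	"strings"
	"time"

	// NOTE(review): github.com/dgrijalva/jwt-go is archived and no longer
	// maintained; github.com/golang-jwt/jwt is its maintained successor.
	// Plan a migration so token-validation fixes keep arriving.
	"github.com/dgrijalva/jwt-go"
	"github.com/gin-gonic/gin"

	"applet/app/e"
	"applet/app/utils"
)

// AuthJWT is a gin middleware that authenticates a request from the bearer
// token carried in its Authorization header.
//
// The header must have the form "Bearer <token>". The token is handed to
// utils.ParseToken; on success the claim's MasterId is stored in the gin
// context under "master_id" and the next handler runs. On any failure the
// error is reported through e.OutErr and the handler chain is aborted.
//
// NOTE(review): signature verification and signing-algorithm checks are
// presumably done inside utils.ParseToken, which is not visible here. Confirm
// that it pins the expected algorithm and key.
func AuthJWT(c *gin.Context) {
	// Read the Authorization request header.
	authHeader := c.Request.Header.Get("Authorization")
	if authHeader == "" {
		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 不能为空"))
		// gin keeps running the remaining handlers after a middleware returns
		// unless the chain is aborted. Whether e.OutErr aborts is not visible
		// here, so abort explicitly; Abort is idempotent.
		c.Abort()
		return
	}

	// Split the header into scheme and token string.
	parts := strings.SplitN(authHeader, " ", 2)
	if len(parts) != 2 || parts[0] != "Bearer" {
		e.OutErr(c, e.ERR_TOKEN_FORMAT, errors.New("token 格式不对"))
		c.Abort()
		return
	}

	// Validate the token string.
	claim, err := utils.ParseToken(parts[1])
	if err != nil {
		// The error is not guaranteed to be a *jwt.ValidationError, and an
		// unchecked assertion would dereference nil and panic on any other
		// error type. Errors is a bit field, so test the expired bit rather
		// than comparing for equality.
		var v *jwt.ValidationError
		if errors.As(err, &v) && v != nil && v.Errors&jwt.ValidationErrorExpired != 0 {
			e.OutErr(c, e.ERR_TOKEN_EXPIRE, errors.New("token 过期已失效"))
			c.Abort()
			return
		}
		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 验证失败"))
		c.Abort()
		return
	}

	// Explicit expiry check. A claim with ExpiresAt == 0 is rejected here as
	// well, so tokens without an expiry fail closed.
	if time.Now().Unix() > claim.ExpiresAt {
		e.OutErr(c, e.ERR_TOKEN_EXPIRE, errors.New("token 过期已失效"))
		c.Abort()
		return
	}

	// Expose the authenticated identity to downstream handlers.
	c.Set("master_id", claim.MasterId)
	c.Next()
}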