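const { query } = require('../db');
const { asyncHandler } = require('../utils/asyncHandler');
const { ROLES } = require('../constants/roles');

/**
 * Returns a same-origin path to send the browser back to after login.
 *
 * Only a path that begins with a single "/" is accepted. Protocol-relative
 * values ("//host", "/\host") and anything not starting with "/" fall back
 * to "/", so the `next` parameter handed to the login page can never point
 * at another origin.
 *
 * @param {string|undefined} originalUrl - req.originalUrl as seen by Express
 * @returns {string} a local path, or "/" when the input is not one
 */
function safeReturnPath(originalUrl) {
  if (typeof originalUrl !== 'string' || !originalUrl.startsWith('/')) {
    return '/';
  }
  const second = originalUrl[1];
  if (second === '/' || second === '\\') {
    return '/';
  }
  return originalUrl;
}

/**
 * Redirects an unauthenticated request to the login page, carrying the
 * requested path in the `next` query parameter. Shared by requireAuth and
 * requireAdmin so both produce the same redirect.
 *
 * @param {import('express').Request} req
 * @param {import('express').Response} res
 * @returns {void}
 */
function redirectToLogin(req, res) {
  const nextUrl = encodeURIComponent(safeReturnPath(req.originalUrl));
  return res.redirect(`/login?next=${nextUrl}`);
}

/**
 * Express middleware: lets the request through only when the session holds
 * a userId; otherwise redirects to the login page.
 *
 * @param {import('express').Request} req
 * @param {import('express').Response} res
 * @param {import('express').NextFunction} next
 */
function requireAuth(req, res, next) {
  if (!req.session.userId) {
    return redirectToLogin(req, res);
  }
  next();
}

/**
 * Express middleware: requires an authenticated session whose loaded user has
 * the admin role. Unauthenticated requests are redirected to login; an
 * authenticated non-admin gets a 403 error page.
 *
 * @param {import('express').Request} req
 * @param {import('express').Response} res
 * @param {import('express').NextFunction} next
 */
function requireAdmin(req, res, next) {
  if (!req.session.userId) {
    return redirectToLogin(req, res);
  }
  // The role is read from res.locals.user, which loadUser populates. If
  // loadUser did not run before this middleware the value is undefined and
  // the check fails closed with a 403 rather than granting access.
  if (res.locals.user?.role !== ROLES.ADMIN) {
    return res.status(403).render('error', {
      title: 'Доступ запрещён',
      message: 'Недостаточно прав. Требуется роль администратора.',
      code: 403,
    });
  }
  next();
}

/**
 * Express middleware: resolves the session's userId to a user row and exposes
 * it to views as res.locals.user (null when there is no session user or no
 * matching row), plus res.locals.isAdmin.
 *
 * NOTE(review): when the session's userId no longer matches a row,
 * res.locals.user becomes null but req.session.userId is left set, so a
 * route guarded only by requireAuth still passes that session through —
 * confirm whether stale sessions should be cleared here instead.
 */
const loadUser = asyncHandler(async (req, res, next) => {
  if (req.session.userId) {
    // Parameterized query; the session value is never interpolated into SQL.
    const { rows } = await query(
      'SELECT id, email, name, role FROM users WHERE id = $1',
      [req.session.userId]
    );
    res.locals.user = rows[0] ?? null;
  } else {
    res.locals.user = null;
  }
  res.locals.isAdmin = res.locals.user?.role === ROLES.ADMIN;
  next();
});

module.exports = { requireAuth, requireAdmin, loadUser };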