package server

import (
	"context"

	"git.haelnorr.com/h/golib/hlog"
	"git.haelnorr.com/h/golib/hws"
	"git.haelnorr.com/h/golib/hwsauth"
	"git.haelnorr.com/h/oslstats/internal/db"
	"git.haelnorr.com/h/oslstats/internal/handlers"
	"github.com/pkg/errors"
	"github.com/uptrace/bun"
)

func setupAuth(
	cfg *hwsauth.Config,
	logger *hlog.Logger,
	conn *db.DB,
	server *hws.Server,
	ignoredPaths []string,
) (*hwsauth.Authenticator[*db.User, bun.Tx], error) {
	beginTx := func(ctx context.Context) (hwsauth.DBTransaction, error) {
		tx, err := conn.BeginTx(ctx, nil)
		return tx, err
	}
	auth, err := hwsauth.NewAuthenticator(
		cfg,
		db.GetUserByID,
		server,
		beginTx,
		logger,
		handlers.ErrorPage,
		conn.DB.DB,
	)
	if err != nil {
		return nil, errors.Wrap(err, "hwsauth.NewAuthenticator")
	}

	err = auth.IgnorePaths(ignoredPaths...)
	if err != nil {
		return nil, errors.Wrap(err, "auth.IgnorePaths")
	}

	db.CurrentUser = auth.CurrentModel

	return auth, nil
}