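import type { Handle } from '@sveltejs/kit';
import * as auth from '$lib/server/auth';
import { db } from '$lib/server/db';
import { usersToPermissions, usersToRoles } from '$lib/server/db/schema/schema';
import { eq } from 'drizzle-orm';
import { permissions } from '$lib/server/db/schema/permissions';
import { roles } from '$lib/server/db/schema/roles';

/**
 * SvelteKit `handle` hook that authenticates the request from its session
 * cookie and populates `event.locals` with the caller's identity and grants.
 *
 * Outcomes:
 * - No session cookie: the request is resolved as anonymous.
 * - Cookie present but `auth.validateSessionToken` yields no session or no
 *   user: the cookie is deleted and the request is resolved as anonymous.
 * - Valid session: the cookie is re-issued with the session's `expires_at`,
 *   and the user's permissions and roles are read from the database.
 *
 * Anonymous requests get `permissions` and `roles` set to empty arrays, so
 * every `event.locals` auth field is explicitly initialised on every path and
 * downstream authorization checks see "no grants" rather than `undefined`.
 *
 * Permissions and roles are queried on each authenticated request, so they are
 * not cached in the session by this hook.
 *
 * @param input - The SvelteKit hook input (`event` and `resolve`).
 * @returns The response produced by `resolve(event)`.
 */
const handleAuth: Handle = async ({ event, resolve }) => {
  // Single place that defines what "not authenticated" looks like in locals.
  const resolveAnonymous = () => {
    event.locals.user = null;
    event.locals.session = null;
    event.locals.permissions = [];
    event.locals.roles = [];
    return resolve(event);
  };

  const sessionToken = event.cookies.get(auth.sessionCookieName);
  if (!sessionToken) {
    return resolveAnonymous();
  }

  const validation = await auth.validateSessionToken(sessionToken);
  if (!validation || !validation.session || !validation.user) {
    // The presented token did not validate: drop the cookie so the client
    // stops sending it.
    auth.deleteSessionTokenCookie(event.cookies);
    return resolveAnonymous();
  }

  const { session, user } = validation;

  // `session` is known to be truthy here (guarded above), so the cookie is
  // always refreshed with the session's current expiry.
  auth.setSessionTokenCookie(event, sessionToken, session.expires_at);

  event.locals.user = user;
  event.locals.session = session;

  // The two lookups are independent of each other, so run them concurrently.
  // Both are filtered by the validated user's id only.
  const [permissionRows, roleRows] = await Promise.all([
    db
      .select()
      .from(permissions)
      .innerJoin(usersToPermissions, eq(usersToPermissions.permission_id, permissions.id))
      .where(eq(usersToPermissions.user_id, user.id)),
    db
      .select()
      .from(roles)
      .innerJoin(usersToRoles, eq(usersToRoles.role_id, roles.id))
      .where(eq(usersToRoles.user_id, user.id))
  ]);

  // NOTE(review): `permission` / `role` are the keys of the joined row objects;
  // presumably they match the tables' names in the schema — confirm there.
  event.locals.permissions = permissionRows.map((row) => row.permission);
  event.locals.roles = roleRows.map((row) => row.role);

  return resolve(event);
};

export const handle: Handle = handleAuth;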