using BCards.Web.Services;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Mvc;

namespace BCards.Web.Attributes
{
    public class ModeratorAuthorizeAttribute : Attribute, IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var user = context.HttpContext.User;

            if (!user.Identity?.IsAuthenticated == true)
            {
                context.Result = new RedirectToActionResult("Login", "Auth",
                    new { returnUrl = context.HttpContext.Request.Path });
                return;
            }

            var moderationAuth = context.HttpContext.RequestServices
                .GetRequiredService<IModerationAuthService>();

            if (!moderationAuth.IsUserModerator(user))
            {
                context.Result = new ForbidResult();
                return;
            }

            // Adicionar flag para views
            context.HttpContext.Items["IsModerator"] = true;
        }
    }
}