package handlers

import (
	"errors"
	"fmt"
	"io"
	"net/http"

	"git.hamburg.ccc.de/ccchh/spaceapid/config"
	"git.hamburg.ccc.de/ccchh/spaceapid/util"
)

// updateEndpointValidator checks BasicAuth credentials and then returns the request body
func updateEndpointValidator(
	authDB config.HTTPBACredentials, validCredentials []config.HTTPBACredentialID,
	w http.ResponseWriter, r *http.Request,
) ([]byte, error) {
	// Check BasicAuth credentials
	username, password, ok := r.BasicAuth()
	if !ok || !util.CheckCredentials(authDB, validCredentials, username, password) {
		w.Header()["WWW-Authenticate"] = []string{"Basic realm=\"spaceapid\""}
		http.Error(w, "", http.StatusUnauthorized)
		return []byte{}, errors.New(fmt.Sprintf("Unauthorized request from %s Username: %s Password: %s", r.RemoteAddr, username, password))
	}

	// Read request body
	body, err := io.ReadAll(r.Body)
	if err != nil {
		http.Error(w, "", http.StatusInternalServerError)
		return []byte{}, errors.New(fmt.Sprintf("Failed to read request body from %s with error: %s", r.RemoteAddr, err))
	}

	return body, nil
}