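package handlers

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"sync"
	"time"

	"licensing-cotton/internal/database"
)

// In-memory session store shared by the handlers in this package.
//
// NOTE(review): nothing in this file removes or expires entries, so a token
// stays valid for the life of the process unless code elsewhere deletes it.
// Confirm that logout and expiry are handled by the callers.
var (
	sessionMap   = make(map[string]string) // token -> username
	sessionMutex sync.RWMutex              // guards sessionMap
)

// generateSessionToken returns a new session token for username.
//
// The token is a bearer credential: whoever presents it is treated as the
// user. Its unpredictability therefore has to come from a CSPRNG. The
// username and the clock value are not secrets, so a digest of those two
// alone would be guessable. Here they are only mixed into the digest next to
// 32 random bytes; the result keeps the same shape as before (URL-safe
// base64 of a SHA-256 digest, 44 characters).
func generateSessionToken(username string) string {
	var nonce [32]byte
	if _, err := rand.Read(nonce[:]); err != nil {
		// Fail closed: the signature has no error return, and handing out a
		// predictable token is worse than aborting the request.
		panic(fmt.Sprintf("handlers: reading random bytes for session token: %v", err))
	}

	h := sha256.New()
	h.Write(nonce[:]) // hash.Hash writes never return an error
	fmt.Fprintf(h, "%s:%d", username, time.Now().UnixNano())
	return base64.URLEncoding.EncodeToString(h.Sum(nil))
}

// setSession records that token belongs to username, replacing any previous
// mapping for the same token.
func setSession(token, username string) {
	sessionMutex.Lock()
	defer sessionMutex.Unlock()
	sessionMap[token] = username
}

// getSessionUsername looks up the username stored for token. The boolean is
// false when the token is not present in the session map.
func getSessionUsername(token string) (string, bool) {
	sessionMutex.RLock()
	defer sessionMutex.RUnlock()
	u, ok := sessionMap[token]
	return u, ok
}

// dbQueryRole loads the role of username from the users table into *role.
// (Original author's note: this helper could equally live here or be moved
// to a separate place.)
//
// username is passed as a bound parameter through the `?` placeholder and is
// never concatenated into the SQL text. The error from Scan is returned
// unchanged; presumably database.DB is a *sql.DB, in which case a missing
// user surfaces as sql.ErrNoRows — confirm against the database package.
func dbQueryRole(username string, role *string) error {
	return database.DB.QueryRow(`SELECT role FROM users WHERE username=?`, username).
		Scan(role)
}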