package session

import (
	"fmt"

	"github.com/authelia/session/v2"
	"github.com/authelia/session/v2/providers/redis"

	"github.com/valyala/fasthttp"

	"github.com/authelia/authelia/internal/configuration/schema"
	"github.com/authelia/authelia/internal/utils"
)

// NewProviderConfig creates a configuration for creating the session provider.
func NewProviderConfig(configuration schema.SessionConfiguration) ProviderConfig {
	config := session.NewDefaultConfig()

	// Override the cookie name.
	config.CookieName = configuration.Name

	// Set the cookie to the given domain.
	config.Domain = configuration.Domain

	// Only serve the header over HTTPS.
	config.Secure = true

	// Ignore the error as it will be handled by validator.
	config.Expiration, _ = utils.ParseDurationString(configuration.Expiration)

	// TODO(c.michaud): Make this configurable by giving the list of IPs that are trustable.
	config.IsSecureFunc = func(*fasthttp.RequestCtx) bool {
		return true
	}

	var redisConfig *redis.Config

	var providerName string

	// If redis configuration is provided, then use the redis provider.
	if configuration.Redis != nil {
		providerName = "redis"
		serializer := NewEncryptingSerializer(configuration.Secret)
		network := "tcp"

		var addr string

		if configuration.Redis.Port == 0 {
			network = "unix"
			addr = configuration.Redis.Host
		} else {
			addr = fmt.Sprintf("%s:%d", configuration.Redis.Host, configuration.Redis.Port)
		}

		redisConfig = &redis.Config{
			Network:  network,
			Addr:     addr,
			Password: configuration.Redis.Password,
			// DB is the fasthttp/session property for the Redis DB Index.
			DB:          configuration.Redis.DatabaseIndex,
			PoolSize:    8,
			IdleTimeout: 300,
			KeyPrefix:   "authelia-session",
		}
		config.EncodeFunc = serializer.Encode
		config.DecodeFunc = serializer.Decode
	} else { // if no option is provided, use the memory provider.
		providerName = "memory"
	}

	return ProviderConfig{
		config:       config,
		redisConfig:  redisConfig,
		providerName: providerName,
	}
}