using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Threading.Tasks;
using Znyc.Cloudcar.Admin.WebApi.Auth;

namespace Znyc.Cloudcar.Admin.WebApi.Attributes
{
    /// <summary>
    ///     定时任务启动密钥
    /// </summary>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true)]
    public class QuartzAttribute : AuthorizeAttribute, IAuthorizationFilter, IAsyncAuthorizationFilter
    {
        private IApiHandler _apiHandler;

        /// <summary>
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        public Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            OnAuthorization(context);
            return Task.CompletedTask;
        }

        /// <summary>
        /// </summary>
        /// <param name="context"></param>
        public async void OnAuthorization(AuthorizationFilterContext context)
        {
            string apiUrl = context.HttpContext.Request.Path.Value;
            _apiHandler = context.HttpContext.RequestServices.GetService<IApiHandler>();
            Security.Entitys.ApiEntity entity = await _apiHandler.ValidateAsync(apiUrl);
            //key/value 存入数据库去查询，不同的api对应不同的key/value
            string authHeader = context.HttpContext.Request.Headers[entity.AuthKey];
            if (authHeader != null && authHeader.Equals(entity.AuthValue))
            {
                return;
            }

            context.Result = new StatusCodeResult(StatusCodes.Status401Unauthorized);
        }
    }
}