using Femto.Api.Auth;
using Femto.Modules.Auth.Application.Dto;

namespace Femto.Api.Sessions;

internal static class HttpContextSessionExtensions
{
    public static void SetSession(
        this HttpContext httpContext,
        Session session,
        CookieSettings cookieSettings
    )
    {
        httpContext.Response.Cookies.Append(
            "session",
            session.SessionId,
            new CookieOptions
            {
                HttpOnly = true,
                Secure = cookieSettings.Secure,
                SameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified,
                Expires = session.Expires,
            }
        );

        httpContext.Response.Cookies.Append(
            "hasSession",
            "true",
            new CookieOptions
            {
                Secure = cookieSettings.Secure,
                SameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified,
                Expires = session.Expires,
            }
        );
    }

    public static void DeleteSession(this HttpContext httpContext)
    {
        httpContext.Response.Cookies.Delete("session");
        httpContext.Response.Cookies.Delete("hasSession");
    }
}