package main

import (
	"database/sql"
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"os"
	"time"

	"github.com/gorilla/mux"
	"github.com/gorilla/sessions"
	"golang.org/x/crypto/bcrypt"
	_ "modernc.org/sqlite"
)

var (
	db    *sql.DB
	store = sessions.NewCookieStore([]byte(os.Getenv("SESSION_SECRET")))
)

func main() {
	initDB()
	defer db.Close()

	r := mux.NewRouter()
	r.Use(middleware.CORS, middleware.RateLimit, middleware.AuditLog)

	// 公共路由
	r.HandleFunc("/api/register", registerHandler).Methods("POST")
	r.HandleFunc("/api/login", loginHandler).Methods("POST")

	// 用户路由
	userRouter := r.PathPrefix("/api/user").Subrouter()
	userRouter.Use(middleware.Auth)
	userRouter.HandleFunc("/request", submitIPRequestHandler).Methods("POST")

	// 管理路由
	adminRouter := r.PathPrefix("/api/admin").Subrouter()
	adminRouter.Use(middleware.AdminAuth)
	adminRouter.HandleFunc("/approve", approveRequestHandler).Methods("POST")

	log.Println("Server started on :8080")
	log.Fatal(http.ListenAndServe(":8080", r))
}

func initDB() {
	var err error
	db, err = sql.Open("sqlite", "db/firewall.db")
	if err != nil {
		log.Fatal("Failed to open database:", err)
	}
}