// (C) 2007-2019 GoodData Corporation
import * as HttpStatusCodes from "http-status-codes";
import { RequestHandler, Request, Response, NextFunction } from "express";
import { throttle } from "lodash";

/**
 * Options accepted by {@link tokenExpiration}.
 */
export interface ISimulateTokenExpirationOptions {
    /**
     * Handed to lodash `throttle` as its wait argument (milliseconds): the delay between
     * the first accepted request and the moment the simulated token turns invalid.
     */
    expirationTime: number;
    /**
     * NOTE(review): declared here but never read by `tokenExpiration` in this file, so
     * listing a path does not exempt it from the simulated 401. Confirm whether it is
     * consumed elsewhere or is a leftover.
     */
    publicPaths: string[];
}

/**
 * Holds the single boolean that stands in for "the token is still valid".
 *
 * The flag belongs to the handler that owns this object, not to any caller: no cookie,
 * header or credential is associated with it.
 */
class TokenHandler {
    private isValidToken: boolean;

    /**
     * @param initialState - starting validity; defaults to `true`.
     */
    constructor(initialState: boolean = true) {
        this.isValidToken = initialState;
    }

    /** Overwrites the validity flag with `state`. */
    public setTokenState(state: boolean) {
        this.isValidToken = state;
    }

    /** Reports the current validity flag. */
    public isTokenValid(): boolean {
        return this.isValidToken;
    }
}

/**
 * Builds an Express middleware that simulates token expiry for `/gdc` requests.
 *
 * Behaviour, in the order the checks run:
 *  - a path that does not contain `/gdc` is passed straight to `next()`;
 *  - a path that contains `/gdc/account/token` marks the token valid and ends with 200;
 *  - any other `/gdc` path is passed on while the token is valid (and arms the expiry
 *    timer), or ends with 401 once the token has been invalidated.
 *
 * Security-relevant properties a reader should not miss:
 *  - The request is never authenticated. The token endpoint restores the valid state for
 *    whoever calls it, so this is a fixture for exercising a client's re-authentication
 *    flow, not an access control.
 *  - Both patterns are unanchored, so they match anywhere in `req.path`, not only at its
 *    start.
 *  - One validity flag is shared by every client served by the returned handler.
 *
 * @param options - see {@link ISimulateTokenExpirationOptions}; only `expirationTime` is read.
 * @returns the middleware described above.
 */
export function tokenExpiration(options: ISimulateTokenExpirationOptions): RequestHandler {
    const gdcPath = /\/gdc/;
    const tokenEndpoint = /\/gdc\/account\/token/;

    const tokenState = new TokenHandler();

    // `leading: false` means the first call in a window does not invalidate right away;
    // lodash runs the callback on the trailing edge, `expirationTime` ms later.
    const scheduleExpiry = throttle(
        () => tokenState.setTokenState(false),
        options.expirationTime,
        { leading: false },
    );

    return (req: Request, res: Response, next: NextFunction) => {
        const requestPath = req.path;

        // Anything outside the /gdc namespace is not subject to the simulation.
        if (!gdcPath.test(requestPath)) {
            return next();
        }

        // A request to the token endpoint renews the simulated token and is answered
        // here with 200; it is not forwarded to later handlers.
        if (tokenEndpoint.test(requestPath)) {
            tokenState.setTokenState(true);
            return res.status(HttpStatusCodes.OK).end();
        }

        // Expired: reject until the token endpoint is called again.
        if (!tokenState.isTokenValid()) {
            return res.status(HttpStatusCodes.UNAUTHORIZED).end();
        }

        // Still valid: (re)arm the pending invalidation and let the request through.
        scheduleExpiry();
        return next();
    };
}