package frontend

import (
	"log"
	"net/http"
	"strings"

	b "streifling.com/jason/cpolis/cmd/backend"
)

func ServePDFs(c *b.Config) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		idToken := r.Header.Get("Authorization")
		if idToken == "" {
			http.Error(w, "Authorization header missing", http.StatusUnauthorized)
		}

		client, err := b.NewClient()
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		_, err = client.Verify(idToken)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusUnauthorized)
			return
		}

		pdfIDsString := r.PathValue("ids")
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		pdfIDs := strings.Split(pdfIDsString, ",")

		for _, id := range pdfIDs {
			http.ServeFile(w, r, id)
		}
	}
}