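// Shared Authentication Utility for Admin Panel
// Include this file in all admin pages to handle authentication.
//
// SECURITY NOTE: this script runs in the browser, where the user can skip or
// modify it. It only decides what the UI shows. The server has to verify the
// session and the caller's privileges on every admin API request; nothing in
// window.adminAuth may be treated as proof of authentication.

// Global authentication state (a UI hint only, never a source of authority).
window.adminAuth = {
  user: null,
  isAuthenticated: false,
};

/**
 * Reset the client-side authentication state to "signed out".
 * Used on every failure path so a stale `isAuthenticated: true` never
 * survives an expired or rejected session.
 */
function clearAdminAuth() {
  window.adminAuth.user = null;
  window.adminAuth.isAuthenticated = false;
}

/**
 * Ask the server whether the current session is authenticated and redirect
 * to the login page if it is not.
 *
 * Fails closed: a non-2xx response, a body that is not JSON, a falsy
 * `authenticated` field or a network error all count as "not signed in".
 *
 * @returns {Promise<boolean>} true when the server reports an authenticated
 *   session, false otherwise (a redirect to the login page has then been
 *   requested unless the login page is already showing).
 */
async function checkAuth() {
  try {
    const response = await fetch("/api/admin/session", {
      credentials: "include",
      headers: {
        Accept: "application/json",
      },
    });

    if (!response.ok) {
      clearAdminAuth();
      redirectToLogin();
      return false;
    }

    const data = await response.json();

    if (!data.authenticated) {
      clearAdminAuth();
      redirectToLogin();
      return false;
    }

    // Store user data for display purposes only.
    window.adminAuth.user = data.user;
    window.adminAuth.isAuthenticated = true;
    return true;
  } catch (error) {
    console.error("Authentication check failed:", error);
    clearAdminAuth();
    redirectToLogin();
    return false;
  }
}

/**
 * Navigate to the login page unless it is already the current page.
 * The target is a fixed same-origin path, so no caller-supplied value can
 * influence where the browser is sent.
 */
function redirectToLogin() {
  if (window.location.pathname !== "/admin/login.html") {
    window.location.href = "/admin/login.html";
  }
}

/**
 * End the admin session on the server, then return to the login page.
 *
 * A non-2xx answer is reported to the user instead of being ignored: in that
 * case the session is probably still valid and the page must not look as if
 * the sign-out had worked.
 *
 * @returns {Promise<void>}
 */
async function logout() {
  try {
    const response = await fetch("/api/admin/logout", {
      method: "POST",
      credentials: "include",
    });

    if (response.ok) {
      clearAdminAuth();
      window.location.href = "/admin/login.html";
      return;
    }

    console.error("Logout failed:", response.status);
    showError("Logout failed. Your session may still be active.");
  } catch (error) {
    console.error("Logout failed:", error);
    // NOTE(review): the request never completed, so the server-side session
    // may still be valid even though the browser is sent to the login page.
    window.location.href = "/admin/login.html";
  }
}

/**
 * Build a fixed-position alert, show it, and remove it after five seconds.
 *
 * The message is written with `textContent`, not `innerHTML`: notification
 * text often carries server error strings or user-entered values, and
 * inserting those as markup would allow script injection in the admin origin.
 *
 * @param {*} message - Text to display; coerced to a string.
 * @param {string} variantClass - Alert colour class, e.g. "alert-success".
 */
function showAdminNotice(message, variantClass) {
  const alert = document.createElement("div");
  alert.className = `alert ${variantClass} alert-dismissible fade show position-fixed`;
  alert.style.cssText =
    "top: 20px; right: 20px; z-index: 9999; min-width: 300px;";
  alert.textContent = String(message);
  document.body.appendChild(alert);
  setTimeout(() => alert.remove(), 5000);
}

/**
 * Show a success notification.
 * @param {*} message - Text to display (rendered as plain text, not HTML).
 */
function showSuccess(message) {
  showAdminNotice(message, "alert-success");
}

/**
 * Show an error notification.
 * @param {*} message - Text to display (rendered as plain text, not HTML).
 */
function showError(message) {
  showAdminNotice(message, "alert-danger");
}

// Auto-check authentication when this script loads.
// Only run if we're not on the login page.
// The check starts after the document has been parsed, so markup shipped with
// the page is already in the browser by then; anything sensitive has to come
// from API calls that the server authenticates.
if (window.location.pathname !== "/admin/login.html") {
  document.addEventListener("DOMContentLoaded", function () {
    checkAuth();
  });
}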