package csrf

import (
	"html/template"
	"net/http"

	"github.com/a-h/templ"
	"github.com/gorilla/csrf"
	"github.com/gorilla/securecookie"
)

func Handler() func(http.Handler) http.Handler {
	return csrf.Protect(
		securecookie.GenerateRandomKey(32),
		csrf.SameSite(csrf.SameSiteStrictMode),
		csrf.FieldName("csrffield.field"), // should match the structure in `Csrf`
	)
}

// CsrfField handles the CSRF data for a form.
// Include it verbatim and then use `{{.CsrfField}}` in templates.
type CsrfField struct {
	field template.HTML `form:"-" schema:"-"`
}

func (c *CsrfField) SetCsrfField(r *http.Request) {
	c.field = csrf.TemplateField(r)
}

func (c *CsrfField) Csrf() templ.Component {
	return templ.Raw(c.field)
}

type Enabled interface {
	SetCsrfField(r *http.Request)
}