package middlewares

import (
	"net/http"
	"slices"

	"git.secnex.io/secnex/api-gateway/config"
	"git.secnex.io/secnex/api-gateway/res"
)

func WAF(next http.Handler, wafConfig config.WAFConfiguration) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !wafConfig.Enabled {
			next.ServeHTTP(w, r)
			return
		}
		if slices.Contains(wafConfig.Methods, "*") {
			next.ServeHTTP(w, r)
			return
		}
		if !slices.Contains(wafConfig.Methods, r.Method) {
			res.Forbidden(w)
			return
		}
		next.ServeHTTP(w, r)
	})
}