/*
 * This file is part of laurelin/api
 * Copyright (C) 2023 Jonni Liljamo <jonni@liljamo.com>
 *
 * Licensed under GPL-3.0-only.
 * See LICENSE for licensing information.
 */

use actix_session::Session;
use actix_web::HttpResponse;
use laurelin_shared::error::api::APIError;

pub(crate) fn validate_session(session: &Session) -> Result<String, HttpResponse> {
    let user_id: Option<String> = session.get("user_id").unwrap_or(None);

    match user_id {
        None => Err(HttpResponse::Unauthorized().json(APIError::NotAuthorized)),
        Some(id) => {
            // keep alive
            session.renew();
            Ok(id)
        }
    }
}