class APIController < ApplicationController
  before_action :default_format_json
  before_action :authenticate_from_token
  before_action :ensure_authorized_network, if: -> { @api_token.present? }
  before_action :ensure_token_is_not_expired, if: -> { @api_token.present? }

  before_action do
    Current.browser = 'api'
  end

  private

  def default_format_json
    request.format = "json" if !request.params[:format]
  end

  def check_api_token
    if @api_token.nil?
      render json: {}, status: :unauthorized
    end
  end

  def authenticate_from_token
    @api_token = authenticate_with_http_token { |t, _o| APIToken.authenticate(t) }

    # legacy way of sending the token by url
    # not available in api v2
    if @api_token.nil?
      @api_token = APIToken.authenticate(params[:token])
    end

    if @api_token.present?
      @api_token.touch(:last_v1_authenticated_at)
      @api_token.store_new_ip(request.remote_ip)
      @current_user = @api_token.administrateur.user
    end
  end

  def ensure_authorized_network
    if @api_token.forbidden_network?(request.remote_ip)
      address = IPAddr.new(request.remote_ip)
      render json: { errors: ["request issued from a forbidden network. Add #{address.to_string}/#{address.prefix} to your allowed adresses in your /profil"] }, status: :forbidden
    end
  end

  def ensure_token_is_not_expired
    if @api_token.expired?
      render json: { errors: ['token expired'] }, status: :unauthorized
    end
  end
end