package middleware

import (
	"net/http"
	"os"

	"github.com/gin-gonic/gin"
)

// AdminAuth 管理端鉴权：校验登录态（Cookie 或 Authorization），未登录返回 401
// 开发模式（GIN_MODE=debug）下暂不校验，便于联调；生产请实现 Session/JWT
func AdminAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		if os.Getenv("GIN_MODE") == "debug" {
			c.Next()
			return
		}
		_, err := c.Cookie("admin_session")
		if err != nil {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"success": false, "error": "未登录"})
			return
		}
		c.Next()
	}
}