package csrf

import (
	"crypto/md5"
	"fmt"
	"strconv"
	"time"
)

// authenticated routes

// compare two. possibly change this into middleware?
func (c CSRF) AuthCheck(userID string, routeName string, givenToken string) bool {
	minfactor := strconv.Itoa(time.Now().Hour())
	minfactor_1 := strconv.Itoa(time.Now().Hour() - 1)
	comp := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor)))
	comp2 := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor_1)))
	// comp := sha256.New()
	// comp.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour())))
	// be charitable:
	//comp2 := sha256.New()
	//comp2.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour()-1)))
	if comp == givenToken {
		return true
	}
	// second comparison for last hour:
	return comp2 == givenToken
	//return fmt.Sprintf("%x", comp2.Sum(nil)) == givenToken
}