package com.beecode.inz.authentication;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.session.web.http.HttpSessionIdResolver;
import org.springframework.util.StringUtils;

public class InzHeaderHttpSessionIdResolver implements HttpSessionIdResolver{
	
	
	private String headerName = "x-auth-token";
	private String paramName = "token";

	@Override
	public List<String> resolveSessionIds(HttpServletRequest request) {
		List<String> ids = new ArrayList<>();
		String sessionId = request.getHeader(this.headerName);
		if(StringUtils.isEmpty(sessionId)){
			sessionId = request.getParameter(paramName);
		}
		if(!StringUtils.isEmpty(sessionId)){
			ids.add(sessionId);
		}
		return ids;
	}

	@Override
	public void setSessionId(HttpServletRequest request, HttpServletResponse response, String sessionId) {
		response.setHeader(this.headerName, sessionId);
		
	}

	@Override
	public void expireSession(HttpServletRequest request, HttpServletResponse response) {
		response.setHeader(this.headerName, "");
		
	}

}