// Filename: internal/middleware/security.go

package middleware

import (
	"gemini-balancer/internal/service"
	"gemini-balancer/internal/settings"
	"net/http"

	"github.com/gin-gonic/gin"
)

func IPBanMiddleware(securityService *service.SecurityService, settingsManager *settings.SettingsManager) gin.HandlerFunc {
	return func(c *gin.Context) {
		if !settingsManager.IsIPBanEnabled() {
			c.Next()
			return
		}
		ip := c.ClientIP()
		isBanned, err := securityService.IsIPBanned(c.Request.Context(), ip)
		if err != nil {
			c.Next()
			return
		}
		if isBanned {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "您的IP已被暂时封禁，请稍后再试"})
			return
		}
		c.Next()
	}
}