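#api/__init__.py
"""API package setup: role-based auth decorator, shared rate limiter and
blueprint auto-registration."""
import importlib
import os
from functools import wraps

from flask import Blueprint, jsonify, session
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address


def require_auth(roles=()):
    """Build a decorator that restricts a view to the given roles.

    The wrapped view runs only when ``session['user']`` is set and its
    ``'role'`` entry is one of ``roles``.

    Args:
        roles: Iterable of permitted role names. A single string is treated
            as one role. With the default (no roles) every authenticated
            user is rejected with 403, i.e. the decorator fails closed.

    Returns:
        A decorator. The decorated view returns ``({"error": ...}, 401)``
        when no user is in the session, ``({"error": ...}, 403)`` when the
        user's role is not permitted, and the view's own result otherwise.
    """
    # A bare string would turn the membership test below into a substring
    # match (a role of "" or "min" would satisfy roles="admin"), so wrap it.
    # The tuple also snapshots the roles at decoration time and avoids a
    # shared mutable default argument.
    if isinstance(roles, str):
        allowed_roles = (roles,)
    else:
        allowed_roles = tuple(roles or ())

    def decorator(func):
        @wraps(func)
        def wrapper(*args, **kwargs):
            # The decision rests entirely on what the session holds.
            # NOTE(review): with Flask's default cookie sessions this is only
            # as trustworthy as the app's SECRET_KEY - confirm it is strong
            # and kept out of source control.
            user = session.get('user')
            if not user:
                return jsonify({"error": "Unauthorized"}), 401
            if user.get('role') not in allowed_roles:
                return jsonify({"error": "Forbidden, permission denied"}), 403
            return func(*args, **kwargs)
        return wrapper
    return decorator


# Shared rate limiter, keyed on the client address Flask reports.
# NOTE(review): behind a reverse proxy that address is the proxy's, so all
# clients would share one bucket unless forwarded headers are trusted
# explicitly (e.g. werkzeug's ProxyFix) - confirm against the deployment.
# NOTE(review): the limiter is not bound to an app in this file; presumably
# limiter.init_app(app) is called elsewhere - confirm.
limiter = Limiter(
    key_func=get_remote_address,
    default_limits=["100 per minute"]
)


def register_blueprints(app):
    """Import every module of this package and register its blueprints.

    Each ``*.py`` file next to this one (except ``__init__.py``) is imported
    as ``api.<module>``, and every module attribute that is a ``Blueprint``
    is registered on ``app``.

    Every ``.py`` file in this directory is imported, and therefore
    executed, at startup. Write access to the directory should be as
    restricted as write access to the application code itself.

    Args:
        app: The Flask application to register the blueprints on.
    """
    current_dir = os.path.dirname(__file__)
    seen = set()
    # Sorted so the registration order does not depend on the filesystem.
    for filename in sorted(os.listdir(current_dir)):
        if filename == "__init__.py" or not filename.endswith(".py"):
            continue
        module_name = filename[:-3]
        # The package name is hard-coded, so the package must be importable
        # as "api".
        module = importlib.import_module(f"api.{module_name}")
        for attr in dir(module):
            bp = getattr(module, attr)
            # A blueprint imported into a second module shows up there too;
            # register each object once so Flask does not see a duplicate.
            if isinstance(bp, Blueprint) and id(bp) not in seen:
                seen.add(id(bp))
                app.register_blueprint(bp)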