package middleware

import (
	"net/http"

	"github.com/gin-gonic/gin"
)

// AdminAuth returns a Gin middleware that validates the admin token.
// The token may be supplied via the `token` query parameter or the
// `Authorization` request header.
func AdminAuth(token string) gin.HandlerFunc {
	return func(c *gin.Context) {
		t := c.Query("token")
		if t == "" {
			t = c.GetHeader("Authorization")
		}
		if t != token {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
				"success": false,
				"message": "权限不足",
			})
			return
		}
		c.Next()
	}
}