package middleware

import (
	"strings"

	"github.com/gofiber/fiber/v2"
)

// BodyLimit rejects requests whose Content-Length header exceeds maxBytes.
// NOTE: Only checks Content-Length header. Chunked requests without Content-Length
// bypass this check. Fiber's global BodyLimit provides the final safety net.
// Paths matching any of the excludePrefixes are skipped (e.g. upload endpoints
// that legitimately need the global 4GB limit).
// NOTE: excludePrefixes uses HasPrefix matching. Ensure no unintended
// routes share the same prefix as upload endpoints.
func BodyLimit(maxBytes int, excludePrefixes ...string) fiber.Handler {
	return func(c *fiber.Ctx) error {
		for _, prefix := range excludePrefixes {
			if strings.HasPrefix(c.Path(), prefix) {
				return c.Next()
			}
		}
		if c.Request().Header.ContentLength() > maxBytes {
			return c.Status(fiber.StatusRequestEntityTooLarge).JSON(fiber.Map{
				"error": "요청이 너무 큽니다",
			})
		}
		return c.Next()
	}
}