package middleware

import (
	"strings"

	"github.com/gofiber/fiber/v2"
	"github.com/google/uuid"
)

// RequestID generates a unique request ID for each request and stores it in Locals and response header.
func RequestID(c *fiber.Ctx) error {
	id := c.Get("X-Request-ID")
	if id == "" {
		id = uuid.NewString()
	}
	// Truncate client-provided request IDs to prevent abuse
	if len(id) > 64 {
		id = id[:64]
	}
	// Strip non-printable characters to prevent log injection
	id = strings.Map(func(r rune) rune {
		if r < 32 || r == 127 {
			return -1
		}
		return r
	}, id)
	c.Locals("requestID", id)
	c.Set("X-Request-ID", id)
	return c.Next()
}