<?php
if (session_status() !== PHP_SESSION_ACTIVE) session_start();

$wsPermissions = [
    'displaycontrol' => ['access_granted_wk_leitung'],
    'einstellungen' => ['access_granted_wk_leitung'],
    'kampfrichter' => ['access_granted_kampfrichter']
];

$baseDir = $_SERVER['DOCUMENT_ROOT'];

require_once __DIR__ . '/../redis/connect-to-redis.php';

$redisSaveTime = 100;
$redis = null;

connectToRedis();

function checkWSTokenPermissions($RPerm) {
    switch ($RPerm) {
        case 'displaycontrol':
            return $_SESSION['access_granted_wk_leitung'] ?? false;
        case 'einstellungen':
            return $_SESSION['access_granted_wk_leitung'] ?? false;
        case 'kampfrichter';
            return $_SESSION['access_granted_kampfrichter'] ?? false;
        default:
            return false;
    }
}

function generateWSToken($wsRequestedPermission) {
    
    global $redis;

    if (!checkWSTokenPermissions($wsRequestedPermission)) return null;

    $wsGrantedPermission = [];

    if ($wsRequestedPermission === 'kampfrichter') {
        if (!isset($_SESSION['selectedFreigabeKampfrichter'])) return null;
        $wsGrantedPermission['type'] = 'kampfrichter';
        $wsGrantedPermission['access'] = $_SESSION['selectedFreigabeKampfrichter'];
    } else {
        $wsGrantedPermission['type'] = $wsRequestedPermission;
    }

    $token = bin2hex(random_bytes(32));
    $key = "ws:token:" . $token;

    $success = $redis->set($key, json_encode($wsGrantedPermission), ['nx', 'ex' => 10]);

    $_SESSION['WS_KEY'] = $key;

    return $key;
}