// Package sessions configures the SCS session manager backed by SQLite.
package sessions

import (
	"database/sql"
	"log/slog"
	"net/http"
	"time"

	"github.com/alexedwards/scs/sqlite3store"
	"github.com/alexedwards/scs/v2"
)

// SetupSessionManager creates a configured session manager backed by SQLite.
// Returns the manager and a cleanup function the caller should defer.
func SetupSessionManager(db *sql.DB) (*scs.SessionManager, func()) {
	store := sqlite3store.New(db)
	cleanup := func() { store.StopCleanup() }

	sessionManager := scs.New()
	sessionManager.Store = store
	sessionManager.Lifetime = 30 * 24 * time.Hour
	sessionManager.Cookie.Name = "c4_session"
	sessionManager.Cookie.Path = "/"
	sessionManager.Cookie.HttpOnly = true
	sessionManager.Cookie.Secure = true
	sessionManager.Cookie.SameSite = http.SameSiteLaxMode

	slog.Info("session manager configured")

	return sessionManager, cleanup
}