package middleware

import (
	"net"

	"github.com/labstack/echo/v4"
)

func NewIPFilter(allowedRanges []*net.IPNet) echo.MiddlewareFunc {
	return func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			if allowedRanges == nil {
				c.Logger().Error("No allowed IPs configured for filter")
				return echo.ErrNotFound
			}

			ip := net.ParseIP(c.RealIP())
			if ip == nil {
				c.Logger().Error("Unable to parse IP in IPFilter")
				return echo.ErrNotFound
			}

			found := false
			for _, ipnet := range allowedRanges {
				if ipnet.Contains(ip) {
					found = true
					break
				}
			}

			if !found {
				c.Logger().Errorf("IP %s not in range for filter", c.RealIP())
				return echo.ErrNotFound
			}

			return next(c)
		}
	}
}