package ratelimit

import (
	"github.com/redis/go-redis/v9"
	"go.uber.org/zap"

	"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/config"
)

// The providers in this file differ only in which cfg.RateLimit fields they
// read and in the KeyPrefix they pass on. The three prefixes are distinct,
// presumably so that each endpoint class keeps its own counters in Redis and
// exhausting one budget does not consume another (verify against
// NewRateLimiter).
//
// NOTE(review): none of the providers validates MaxRequests or Window. What a
// zero or negative value does is decided inside NewRateLimiter, which is not
// visible here; confirm that configuration loading rejects such values so a
// misconfiguration cannot silently disable throttling.
//
// NOTE(review): whether a limiter allows or denies requests when Redis is
// unreachable is likewise decided by the RateLimiter implementation; confirm
// the chosen failure mode is intentional for each endpoint class.

// ProvideRateLimiter is the dependency-injection provider for the limiter
// that guards the registration endpoints. It takes its request budget and
// window from cfg.RateLimit.RegistrationMaxRequests and
// cfg.RateLimit.RegistrationWindow and uses the "ratelimit:registration"
// key prefix.
//
// NOTE(review): the identifier that registration requests are keyed by is
// chosen by the caller and is not visible here; confirm at the call site.
func ProvideRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(
		redisClient,
		Config{
			MaxRequests: cfg.RateLimit.RegistrationMaxRequests,
			Window:      cfg.RateLimit.RegistrationWindow,
			KeyPrefix:   "ratelimit:registration",
		},
		logger,
	)
}

// ProvideGenericRateLimiter is the dependency-injection provider for the
// limiter applied to generic CRUD endpoints as a CWE-770 mitigation
// (allocation of resources without limits or throttling). It is intended for
// authenticated endpoints such as tenant, user and site management and the
// admin endpoints.
//
// Strategy: user-based limiting, keyed by the authenticated user ID from the
// JWT. The keying itself is done by the caller, not by this function.
//
// Budget and window come from cfg.RateLimit.GenericMaxRequests and
// cfg.RateLimit.GenericWindow; the key prefix is "ratelimit:generic".
func ProvideGenericRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(
		redisClient,
		Config{
			MaxRequests: cfg.RateLimit.GenericMaxRequests,
			Window:      cfg.RateLimit.GenericWindow,
			KeyPrefix:   "ratelimit:generic",
		},
		logger,
	)
}

// ProvidePluginAPIRateLimiter is the dependency-injection provider for the
// limiter applied to the WordPress plugin API endpoints as a CWE-770
// mitigation. These are described as the core business/revenue endpoints.
//
// Strategy: site-based limiting, keyed by the site_id that the API key
// resolves to. The keying itself is done by the caller, not by this function.
//
// Budget and window come from cfg.RateLimit.PluginAPIMaxRequests and
// cfg.RateLimit.PluginAPIWindow; the key prefix is "ratelimit:plugin".
func ProvidePluginAPIRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(
		redisClient,
		Config{
			MaxRequests: cfg.RateLimit.PluginAPIMaxRequests,
			Window:      cfg.RateLimit.PluginAPIWindow,
			KeyPrefix:   "ratelimit:plugin",
		},
		logger,
	)
}