'user strict';
const { ROOT_PATH, API_CONFIG } = process.env;
const apiConfig = require( `${ROOT_PATH}/${API_CONFIG}` );
const jwt = require('jsonwebtoken');
const jwtSecret = apiConfig.authentication.jwtSecret;

function middleware( req, res, next ){
    if( req.JWT ){
        req.JWT.isValid = false;
        try{
            req.JWT.payload = jwt.verify( req.JWT.raw, jwtSecret );
            if( !req.JWT.payload ){
                return res.status(401).send({error:"Unauthorized",code:401});
            }else{
                req.JWT.isValid = true;
            }
        }catch( err ){
            return res.status(401).send({error:"Unauthorized",code:401});
        }
        next();
    }else{
        return res.status(401).send({error:"Unauthorized",code:401});
    }
}

module.exports = {
    middleware
};