import { ApiError } from "../exceptions/api-error.js";
import tokenService from "#modules/users-management/auth/services/token-service.js";
import type { NextFunction, Request, Response } from "express";
import { logger } from "#plugins/logger.js";

export default function () {
  return function (req: Request, res: Response, next: NextFunction) {
    try {
      // авторизация
      const authorizationHeader = req.headers.authorization;

      if (!authorizationHeader) {
        return next(ApiError.UnauthorizedError());
      }

      const accessToken = authorizationHeader.split(" ")[1];
      if (!accessToken) {
        return next(ApiError.UnauthorizedError());
      }

      const userData = tokenService.validateAccessToken(accessToken);
      if (!userData) {
        return next(ApiError.UnauthorizedError());
      }

      req.user = userData;
      next();
    } catch (e) {
      logger.silly(e);
      return next(ApiError.UnauthorizedError());
    }
  };
}