import { ApiError } from "../exceptions/api-error.js";
import tokenService from "#modules/user/auth/services/token-service.js";

export default function () {
  return function (req, res, next) {
    try {
      // авторизация
      const authorizationHeader = req.headers.authorization;

      if (!authorizationHeader) {
        return next(ApiError.UnauthorizedError());
      }

      const accessToken = authorizationHeader.split(" ")[1];
      if (!accessToken) {
        return next(ApiError.UnauthorizedError());
      }

      const userData = tokenService.validateAccessToken(accessToken);
      if (!userData) {
        return next(ApiError.UnauthorizedError());
      }

      req.user = userData;
      next();
    } catch (e) {
      return next(ApiError.UnauthorizedError());
    }
  };
}