const jwt = require('jsonwebtoken')
const { model: Users } = require('../models/Users')

const auth = async (req, res, next) => {
    try {
        // const token = req.header('Authorization').replace('Bearer ', '')
        const token = req.cookies['todo-jt']

        if (token === '') {
            res.redirect(401, '/login')
        }
        const decoded_token = jwt.verify(token, process.env.JWT_SECRET)
        const user = await Users.findOne({ _id: decoded_token._id, 'tokens.token': token })

        if (!user) {
            throw new Error()
        }

        req.token = token
        req.user = user

        next()
    } catch (e) {
        res.status(401).send({ error: 'Please login first.' })
    }
}
module.exports = auth