const fs = require('fs')
const jwt = require('jsonwebtoken')

const cert = fs.readFileSync(`${process.cwd()}/cert/jwt_256_rsa.pub`, 'utf8')

const auth = async (req, res, next) => {
  try {
    const jwtToken = req.body.jwtToken

    if (!jwtToken) throw new Error()

    const user = jwt.verify(jwtToken, cert, { algorithms: ['RS256'], issuer: 'pruss.it' })

    if (!user) throw new Error()

    req.user = user

    return next()
  } catch (err) {
    const error = err === 'jwt expired' ? err.message : 'unauthorized'

    res.status(401).send({ error })
  }
}

module.exports = auth