const jwt = require('jsonwebtoken')
const userModel = require('../model/user.model')
const response = require('../utils/responseHandler')

module.exports = (req, res, next) => {
  const authHeader = req.headers.authorization
  const token = authHeader && authHeader.split(' ')[1]

  if (!token)
    return response.error(res, {
      code: 401,
      message: 'Token tidak ada',
    })

  jwt.verify(token, process.env.SRU51, async (err, data) => {
    if (err)
      return response.error(res, {
        code: 401,
        message: 'Unauthorized',
      })
    try {
      const user = await userModel.findById(data._id)
      req.user = user
      req.no_laporan = data.no_laporan
      req.level = data.level
      next()
    } catch (error) {
      return response.error(res, {
        code: 401,
        message: 'Unauthorized',
      })
    }
  })
}