const jwt = require('jsonwebtoken')
const userModel = require('../model/user.model')
const response = require('../utils/responseHandler')

module.exports = (req, res, next) => {
  const authHeader = req.headers.authorization
  const token =
    (req.params.token && req.params.token.split(' ')[1]) ||
    (authHeader && authHeader.split(' ')[1])

  if (!token)
    return response.error(res, {
      code: 401,
      message: 'Token tidak ada',
    })

  jwt.verify(token, process.env.SECRET, async (err, data) => {
    if (err)
      return response.error(res, {
        code: 401,
        message: 'Unauthorized',
      })
    try {
      const user = await userModel.findById(data._id)
      req.user = user
      next()
    } catch (error) {
      return response.error(res, {
        code: 401,
        message: 'Unauthorized',
      })
    }
  })
}