const jwt=require("jsonwebtoken");

const config=require("../config/main.js");

const userTools=require("../controllers/user.js");

const txt = require("../lang/"+config.adminLang+"/general");

module.exports = async (req, res, next) =>
{
    try
    {
        if(!req.headers.authorization)
            throw { message: txt.failAuthHeader, status:401 };
        else
        {
            const token=req.headers.authorization.split(" ")[1]; // Le header contient "Bearer" avant le token lui-même.
            const connectedUser=await userTools.checkTokenUser(token);
            if(connectedUser===false)
                throw { message: txt.failAuthToken, status:403 };
            else
            {
                if (req.body.UserId && req.body.UserId !== connectedUser.User.id && connectedUser.User.status==="user")
                    throw { message: txt.failAuthId+req.body.UserId +" vs "+connectedUser.User.id, status:403 };
                else
                {
                    req.connectedUser=connectedUser;
                    next();
                }
            }
        }
    }
    catch(e)
    {
        next(e);
    }
};