const jwt = require("jsonwebtoken");

const requiresAuth = true;

function auth(req, res, next) {
  if (requiresAuth) {
    const token = req.header(`x-auth-token`);
    if (!token) return res.status(401).send(`Access denied. No token provided`);

    try {
      const decoded = jwt.verify(token, process.env.JWT_PRIVATE_KEY);
      req.user = decoded;

      next();
    } catch (ex) {
      return res.status(400).send(`Invalid token`);
    }
  } else return;
}

exports.auth = auth;