const { getLock } = require("./arangodb");
const { checkToken } = require("./verlikifyhandler");
const { getRequiredScopes } = require("./scopes");

const verifyToken = (req, res, next) => {
    const { token } = req.headers.token?req.headers:req.query;
    //console.log(token)
    if (!token) {
        console.log("no token")
        return res.status(403).json("no token received")
    } else {
        const { id , scopes} = JSON.parse(Buffer.from(token.split(".")[1], "base64").toString())
    //    console.log(scopes)
	getLock({ id }).then((lock) => {
        //console.log(lock)
            const {valid, reason} = checkToken(token, getRequiredScopes((req.baseUrl+req.url).split("?")[0]), lock)
            console.log(valid, reason)
	    if (valid) {
                req.tokendata = {id, scopes}
                next()
            }else{
                // console.log(reason)
                return res.status(403).json(reason)
            }
        }, (error, message)=>{
            console.log(error, message)
            return res.status(error).json(message)
        })
    }
}


module.exports = {
    verifyToken
}