const { User } = require('../dao/models');
const ApplicationError = require('../utils/application-error');
const jwt = require('jsonwebtoken');
/**
* Middleware for verifying and processing user tokens.
*
* This middleware checks for the presence and validity of the user token in the request.
* If the user token is valid, the user object is added to the `req.user` property
* property for further use in other parts of the application. If the token is missing or invalid,
* an error of type `ApplicationError.BadToken` is thrown.
*
* @param {object} req - Express request object.
* @param {object} res - The Express response object.
* @param {function} next - A function to move to the next middleware.
*/
module.exports = async (req, res, next) => {
  let userJwt;
  try {
    userJwt = jwt.verify(req.accessToken, process.env.USER_JWT_ACCESS_SECRET);
  } catch(err) {
    throw ApplicationError.BadToken();
  }
  req.user = await User.findOne({ where: { id: userJwt.id }, attributes: { exclude: ['salt', 'passwordHashed']}});
  if (!req.user) {
    throw ApplicationError.BadToken();
  }

  next();
};