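const jose = require('jose');
const passportCustom = require('passport-custom');
const CustomStrategy = passportCustom.Strategy;
const User = require('../models/User');

/**
 * Builds a Passport custom strategy that authenticates a request from an
 * `Authorization: Bearer <jwt>` header.
 *
 * The token is verified with `jose.jwtVerify` against the shared secret in
 * `process.env.JWT_SECRET`, and the account is then loaded with
 * `User.findById(payload.id)`. Every failure path reports through
 * `done(null, false, { message })`; the strategy never passes an error
 * object to `done`.
 *
 * @returns {Promise<CustomStrategy>} Resolves to the configured strategy.
 */
const joseLogin = async () =>
  new CustomStrategy(async (req, done) => {
    const authHeader = req.headers.authorization;
    if (!authHeader || !authHeader.startsWith('Bearer ')) {
      return done(null, false, { message: 'No auth token' });
    }

    // Second space-separated field of the header; an empty or malformed value
    // is rejected by jwtVerify below and handled in the catch branch.
    const token = authHeader.split(' ')[1];

    try {
      // Fail closed when the secret is missing. TextEncoder.encode(undefined)
      // yields an empty byte array, and depending on the runtime an empty
      // HMAC key may be accepted, which would let anyone mint valid tokens.
      const rawSecret = process.env.JWT_SECRET;
      if (typeof rawSecret !== 'string' || rawSecret.length === 0) {
        throw new Error('JWT_SECRET is not configured');
      }
      const secret = new TextEncoder().encode(rawSecret);

      // NOTE(review): no `algorithms`, `issuer` or `audience` options are
      // passed, so only the signature and the time-based claims are checked.
      // Consider pinning these to what the token issuer actually uses.
      const { payload } = await jose.jwtVerify(token, secret);

      // NOTE(review): payload.id is used as-is; confirm the issuer always
      // sets it to the user's id.
      const user = await User.findById(payload.id);
      if (user) {
        done(null, user);
      } else {
        console.log('JoseJwtStrategy => no user found');
        done(null, false, { message: 'No user found' });
      }
    } catch (err) {
      // Verification failures, a missing secret and lookup errors all end up
      // here and are reported to the client as the same generic message.
      if (err?.code === 'ERR_JWT_EXPIRED') {
        console.error('JoseJwtStrategy => token expired');
      } else {
        console.error('JoseJwtStrategy => error');
        console.error(err);
      }
      done(null, false, { message: 'Invalid token' });
    }
  });

module.exports = joseLogin;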