File: /var/www/enelar-back-web/src/middleware/authenticateToken.middleware.js
import jwt from 'jsonwebtoken'
import axios from 'axios'
import auditController from '../app/auditor/controllers/auditor.controller.js'
import messages from '../shared/messages/messages.js'
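/**
 * Express-style `(req, res, next)` middleware that authenticates a request
 * from the bearer token in its `Authorization` header.
 *
 * Flow:
 *  1. Take the second space-separated part of the `Authorization` header as
 *     the token; answer 401 when it is missing.
 *  2. Verify the JWT with `process.env.SECRET_KEY`; answer 401 on any error.
 *  3. Fetch the user named by the token's `sub` claim from
 *     `process.env.API_MANAGEMENT`, forwarding the same bearer token.
 *  4. Set `req.user` and `req.totalAccess` (true only when one of the user's
 *     roles has `nombre === 'Administrador'`).
 *  5. Wrap `res.send` so the request/response pair is passed to
 *     `auditController.store` when the handler responds, then call `next()`.
 *
 * Any exception in steps 3-5 is answered with a generic 500.
 *
 * @param {object} req - incoming request; `headers`, `method`, `url`, `body` are read
 * @param {object} res - response; `status()` and `send()` are used
 * @param {Function} next - called once the user has been resolved
 * @returns {*} the `res.send(...)` result on the missing-token path, otherwise undefined
 */
const authenticateToken = (req, res, next) => {
  // Header values that are credentials and must never reach the audit store.
  const sensitiveHeaders = ['authorization', 'proxy-authorization', 'cookie']

  const authHeader = req.headers['authorization']
  const token = authHeader && authHeader.split(' ')[1]

  if (token == null) {
    return res.status(401).send({
      status: 401,
      message: messages.error.tokenNull.message,
      error: messages.error.tokenNull.summary,
    })
  }

  // NOTE(review): no `algorithms` allow-list is passed to verify(); consider
  // pinning the algorithm the issuer actually uses in the options argument.
  jwt.verify(token, process.env.SECRET_KEY, async (err, user) => {
    if (err) {
      return res.status(401).send({
        status: 401,
        message: messages.error.token.message,
        error: messages.error.token.summary,
      })
    }

    try {
      // NOTE(review): `user.sub` is placed in the URL unencoded and the call
      // has no timeout; both rely on the token issuer and the upstream
      // service behaving. Confirm this is intended.
      const response = await axios.get(
        `${process.env.API_MANAGEMENT}${user.sub}`,
        {
          headers: {
            Authorization: `Bearer ${token}`,
          },
        },
      )

      const usuario = response.data.data
      req.user = usuario

      // A missing user or missing `roles` throws here and falls through to
      // the 500 below, so access is never granted on a malformed reply.
      req.totalAccess = usuario.roles.some(
        (role) => role.nombre === 'Administrador',
      )

      // Copy the headers for the audit record with credentials masked; the
      // live `req.headers` object is left untouched for downstream handlers.
      const auditedHeaders = {}
      for (const [name, value] of Object.entries(req.headers)) {
        auditedHeaders[name] = sensitiveHeaders.includes(name.toLowerCase())
          ? '[REDACTED]'
          : value
      }

      // NOTE(review): `req.body` is stored as-is; if any route accepts
      // passwords or other secrets, those fields need masking as well.
      const info = {
        userId: usuario._id,
        method: req.method,
        url: req.url,
        headers: auditedHeaders,
        body: req.body,
      }

      // Some frameworks re-enter send() (object body -> JSON string), which
      // would otherwise write two audit records for one response.
      let audited = false
      const originalSend = res.send
      res.send = function (...args) {
        if (!audited) {
          audited = true
          info.response = args[0]
          auditController.store(info)
        }
        return originalSend.apply(this, args)
      }

      next()
    } catch (error) {
      // Log only the message and upstream status: a full HTTP-client error
      // object carries the request config, including the bearer token.
      console.error(
        'authenticateToken failed:',
        error && error.message,
        error && error.response ? error.response.status : '',
      )
      return res.status(500).send({
        status: 500,
        message: messages.error.auth.message,
        error: messages.error.auth.summary,
      })
    }
  })
}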
export default authenticateToken