import { verify } from "../core/jwt";
import { query } from "../data/db";
import { redis } from '../data/redis';

const cookieName = process.env.COOKIE_NAME;

export async function requireUserAuth(req, res, next) {
  const token = req.cookies?.[cookieName];
  if (!token) return res.status(401).json({ message: 'No token' });

  let payload;
  try {
    payload = await verify(token);
  } catch (error) {
    return res.status(401).json({ message: 'Invalid token' });
  }

  // Session
  const { rows } = await query(
    'select id, user_id, expires_at from sessions where id = $1',
    [payload.sessionId]
  );
  if (!rows[0]) return res.status(401).json({ message: 'Invalid session' });

  await query('update sessions set last_activity = now() where id = $1', [payload.sessionId]).catch(() => { });
  redis.set(`onlineuser:${payload.sub}`, '1', 'EX', 60).catch(() => { });

  req.user = {
    id: payload.sub,
    name: payload.sessionId,
  }
  next();

  
}