import crypto from 'node:crypto';

const authenticateToken = function(req, res, next) {
  const token = req.cookies.auth_token;

  if(!token) {
    res.redirect("/");
    return;
  }

  const data = token.split('.');

  const hash = crypto.createHmac('sha256', process.env.AUTH_JWT_SECRET).update(data[0] + '.' + data[1]).digest('base64url');

  if (hash === data[2]) {
    next();
  } else {
    res.redirect('/users/login');
  }
};

export default authenticateToken;