import {
  Injectable,
  NestMiddleware,
  UnauthorizedException,
} from '@nestjs/common';
import { JwtService } from '../services/jwt.service';

@Injectable()
export class AccountMiddleware implements NestMiddleware {
  constructor(private readonly jwtService: JwtService) {}
  async use(req: any, res: any, next: () => void) {
    const authPayload = req.header('authorization') ?? '';
    if (!authPayload) {
      req.user = req.session?.user;
      next();
      return;
    }
    const token = authPayload.replace('Bearer ', '');
    if (!token) {
      throw new UnauthorizedException('授权凭据不合法！');
    }
    try {
      const { payload } = await this.jwtService.verify(token);
      req.user = payload;
      next();
    } catch (err) {
      throw new UnauthorizedException('登录凭据失效或不合法！');
    }
    next();
  }
}