import jwt from 'jsonwebtoken';

const defaultOption = {
  secret: '',
  headerName: 'authorization',
  whiteList: ['/login', '/register'],
};

export default function (opts) {
  let { secret, headerName } = { ...defaultOption, ...opts };

  return async (ctx, next) => {
    try {
      const token = ctx.headers[headerName].replace('Bearer ', '');

      if (token == jwt.sign(jwt.verify(token, secret), secret)) {
        await next();
      } else {
        ctx.status = 4001;
        ctx.body = {
          code: 401,
          message: '您还未登录或登录已超时',
        };
      }
    } catch (err) {
      ctx.status = 401;
      ctx.body = {
        code: 401,
        message: '登录已超时',
      };
    }
  };
}