const logger = require('../../utils/logger.js')
const dbtools = require('../../utils/dbtools.js')

// TODO: session

module.exports = function (options) {
  const { debugLog, authDB } = options

  return function (req, res, next) {
    if (debugLog) {
      logger.Log('AUTH: ' + req.url)
    }

    const user = GetUserByPW(authDB, req.cookies.pw)

    if (user) {
      next()
    } else {
      res.JSON({
        success: false,
        msg: 'You dont have permission to acces this site'
      })
    }
  }
}

function GetUserByPW (db, password) {
  // TODO: find user by password
  return undefined
}