import MongoStore from "connect-mongo";
import session from "express-session";
import { dbName, mongoURI } from "../database/mongoose.js";
const sessionConf = {
    secret: process.env.SESSION_SECRET || "super duper secret string.",
    cookie: {
        expires: process.env.SESSION_TIMEOUT || 300000,
        httpOnly: true,
    },
    saveUninitialized: false,
    resave: false,
};
if (process.env.NODE_ENV === "production") {
    sessionConf.cookie.secure = true;
    sessionConf.store = MongoStore.create({ mongoUrl: mongoURI, dbName: dbName });
}
export const userSession = session(sessionConf);

export function authenticationGuard(req, res, next) {
    if (req.session.userId) {
        next();
    } else {
        res.sendStatus(401);
        return;
    }
}

// TODO: Authentication
// TODO: Identity
// TODO: Authority