import { ExtractJwt, Strategy as JwtStrategy } from 'passport-jwt';

import { readOneByRecord } from '@mifi/auth-db/lib/dao/readOneByRecord';

import { JWT_SECRET } from '../../constants/env';

const opts = {
    jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
    secretOrKey: JWT_SECRET,
    issuer: process.env.JWT_ISSUER,
    audience: process.env.JWT_AUDIENCE,
};

export default new JwtStrategy(opts, async ({ sub }, done) => {
    const auth = await readOneByRecord(sub);
    return done(null, auth || false);
});