const AppError = require("./appError");
const speakeasy = require("speakeasy");

const twoFactorProtect = (req, res, next) => {
  const authenticator = req.body.authenticator || req.query.authenticator;

  if (!authenticator) {
    return next(
      new AppError(`Please provide 2 factor authenticator code`, 400)
    );
  }

  const verified = speakeasy.totp.verify({
    secret: process.env.TWOFA_SECRET,
    encoding: "base32",
    token: authenticator,
  });

  if (!verified) {
    return next(
      new AppError(
        `2 factor authenticator code is wrong, please try again`,
        400
      )
    );
  }

  next();
};

module.exports = twoFactorProtect;