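/* jshint node: true */

var passport = require('passport'),
    _ = require('lodash'),
    config = require('../../config.json'),
    User = require('./schemas/User');

/**
 * Express-style middleware (req, res, next) shared by the application's routes.
 */
var middleware = {
  /**
   * Sets the CORS response headers and passes control on.
   *
   * @param {Object} req - incoming request
   * @param {Object} res - outgoing response
   * @param {Function} next - continuation
   */
  enableCORS: function (req, res, next) {
    // NOTE(review): browsers refuse a credentialed cross-origin response whose
    // Access-Control-Allow-Origin is the wildcard, so the two headers below do
    // not work together. If credentialed CORS is really needed, answer with a
    // single origin taken from a fixed allowlist and add `Vary: Origin`; the
    // request's Origin header must not be echoed back unchecked.
    res.header('Access-Control-Allow-Credentials', true);
    // TODO Check https vs. http
    res.header('Access-Control-Allow-Origin', '*');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With');
    next();
  },

  /**
   * Lets authenticated requests through; everything else is sent to /login
   * after the requested path is remembered in the session.
   *
   * @param {Object} req - incoming request; must provide isAuthenticated() and session
   * @param {Object} res - outgoing response
   * @param {Function} next - continuation
   */
  ensureAuthenticated: function (req, res, next) {
    if (!req.isAuthenticated()) {
      // Only the path is stored. NOTE(review): the code that later redirects to
      // returnTo is not in this file; it should confirm the value is still a
      // same-site path before using it.
      req.session.returnTo = req.path;
      return res.redirect('/login');
    }
    next();
  },

  /**
   * Lets the request through only when the stored user record has isAdmin set.
   * The record is re-read from the database, so the decision does not rely on
   * the copy of the user held in the session, and req.user is replaced with
   * the fresh record.
   *
   * Fails closed: no session user -> /login, lookup error -> next(err),
   * record missing or not admin -> redirect to the user's own page.
   *
   * @param {Object} req - incoming request; req.user is expected to be set by the auth layer
   * @param {Object} res - outgoing response
   * @param {Function} next - continuation, called with the error when the lookup fails
   */
  ensureIsAdmin: function (req, res, next) {
    // Without this guard an unauthenticated request throws on req.user._id.
    if (!req.user) {
      return res.redirect('/login');
    }

    User.findOne({ _id: req.user._id }, function (err, user) {
      if (err) {
        // A failed lookup must never be treated as "allowed".
        return next(err);
      }
      if (!user || !user.isAdmin) {
        // A deleted account (user === null) is handled like a non-admin one
        // instead of throwing inside the callback.
        // NOTE(review): the scheme is hard-coded to http; confirm this is
        // intended if the site is also served over https.
        return res.redirect('http://' + config.host + '/' + req.user.username);
      }
      req.user = user;
      next();
    });
  },

  /**
   * Fills res.locals with the values the views read: CSRF token, login state,
   * current user (empty object when absent), config, and a null profile.
   *
   * @param {Object} req - incoming request; must provide csrfToken() and isAuthenticated()
   * @param {Object} res - outgoing response
   * @param {Function} next - continuation
   */
  ensureLocals: function (req, res, next) {
    // Assumes a CSRF middleware that defines req.csrfToken() ran earlier.
    res.locals.token = req.csrfToken();
    res.locals.logged_in = req.isAuthenticated();
    res.locals.user = req.user || {};
    // NOTE(review): this hands the whole config object to every template;
    // confirm config.json holds no secrets, or expose only the keys views need.
    res.locals.config = config;
    res.locals.profile = null;
    next();
  }
};

module.exports = middleware;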