import { verifyToken } from './jwt.js';

function createResponse(success, message, data = null) {
  return { success, message, data };
}

async function authMiddleware(req, res, next) {
  try {
    const authHeader = req.headers.authorization;

    if (!authHeader || !authHeader.startsWith('Bearer ')) {
      return res.status(401).json(createResponse(false, '未提供身份验证令牌'));
    }

    const token = authHeader.substring(7);
    const payload = await verifyToken(token);

    if (!payload) {
      return res.status(401).json(createResponse(false, '无效或已过期的令牌'));
    }

    req.user = payload;
    req.token = token;
    next();
  } catch (error) {
    console.error('身份验证中间件错误:', error);
    res.status(500).json(createResponse(false, '身份验证失败'));
  }
}

export {
  authMiddleware,
  createResponse
};

export default {
  authMiddleware,
  createResponse
};