const verify = (permission) => (req, res, next) => {
  const verified = !!req.user
  if (!verified) {
    if (process.env.SKIP_AUTH) {
      console.warn(`Skipping auth on ${req.path}`)
      return next()
    }
    if (res) res.status(403).end()
  } else {
    if (next) next()
  }
  return verified
}

module.exports = verify