/**
 * 
 * @param {*} permissions Series of permissions or arrays of permissions, any of which must be fully satisfied to pass.
 * 
 * Example: verify('A', ['B', 'C']) means: A OR (B AND C)
 */

const verify = (...permissions) => (req, res, next) => {
  const verified = !!req.user
  if (!verified) {
    if (process.env.SKIP_AUTH) {
      console.warn(`Skipping auth on ${req.path}`)
      if (next) next()
      return true
    }
    if (res) res.status(403).end()
    return false
  } else {
    if (permissions && permissions.length) {
      for (let permission of permissions) {
        if (
          (typeof permission === 'string' && req.claims[permission])
          || (Array.isArray(permission) && permission.every(p => req.claims[permission]))
        ) {
          if (next) next()
          return true
        }
      }
      if (res) res.status(401).end()
      return false
    }
    if (next) next()
    return true
  }
  return verified
}

module.exports = verify