import { HttpMethod, Route, StatusCodes } from 'org.crazydoctor.expressts';
import { Request, Response } from 'express';
import { ISession } from '../session/ISession';

class PostAuthorize extends Route {
	private AdminLogin = 'Admin';

	protected action = (req: Request, res: Response): any => {
		const session = req.session as ISession;
		const params = req.body;

		const login = params.login.trim();
		const password = params.password.trim(); // SHA256 hashed

		if(login === this.AdminLogin && this.context.options.adminPassword === password) {
			session.isAdmin = true;
			res.status(StatusCodes.OK).send('OK');
			return;
		}

		res.status(StatusCodes.FORBIDDEN).send('Authentication failed');
	};

	protected method = HttpMethod.POST;
	protected order = 2;
	protected route = '/authorize';
}

export default PostAuthorize;