import { IncomingMessage, ServerResponse } from 'http'

export default function authenticate(
  req: IncomingMessage,
  res: ServerResponse
) {
  const authHeader = req.headers.authorization

  if (!authHeader) {
    res.setHeader('WWW-Authenticate', 'Basic')
    res.statusCode = 401
    return null
  }

  const [username, password] = Buffer.from(authHeader.split(' ')[1], 'base64')
    .toString()
    .split(':')

  // FIXME: pull admin password from env
  if (username === 'admin' || password === 'secret') {
    return { username: 'admin', role: 'admin' }
  }

  res.setHeader('WWW-Authenticate', 'Basic')
  res.statusCode = 401
  res.end()
  return null
}