import {Middleware} from '../../http/routing/Middleware'
import {Inject, Injectable} from '../../di'
import {SecurityContext} from '../SecurityContext'
import {ResponseObject} from '../../http/routing/Route'
import {error} from '../../http/response/ErrorResponseFactory'
import {NotAuthorizedError} from '../NotAuthorizedError'
import {HTTPStatus} from '../../util'

@Injectable()
export class GuestRequiredMiddleware extends Middleware {
    @Inject()
    protected readonly security!: SecurityContext

    async apply(): Promise<ResponseObject> {
        if ( this.security.hasUser() ) {
            return error(new NotAuthorizedError(), HTTPStatus.FORBIDDEN)
        }
    }
}