'use strict';
const basicAuth = require('express-basic-auth');

function myAuthorizer(username, password) {
    if (!process.env.BASIC_AUTH_USERNAME || !process.env.BASIC_AUTH_PASSWORD){
        return false;
    }

    const userMatches = basicAuth.safeCompare(username, process.env.BASIC_AUTH_USERNAME);
    const passwordMatches = basicAuth.safeCompare(password, process.env.BASIC_AUTH_PASSWORD);

    return userMatches & passwordMatches
}

function getUnauthorizedResponse(req) {
    return 'Forbidden';
}

module.exports = {
    myAuthorizer,
    getUnauthorizedResponse,
};