"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.authMiddleware = void 0;
const SessionService_1 = require("../services/SessionService");
const authMiddleware = (req, res, next) => {
    const sessionToken = req.headers['x-session-token']; // Assuming token is sent in a header
    if (!sessionToken) {
        return res.status(401).json({ message: 'No session token provided.' });
    }
    const session = SessionService_1.SessionService.getSession(sessionToken);
    if (!session || !session.isAuthenticated) {
        return res.status(401).json({ message: 'Invalid or unauthenticated session.' });
    }
    // Optionally, attach session to request for further use
    req.session = session;
    next();
};
exports.authMiddleware = authMiddleware;