const basicAuth = require('basic-auth');

const auth = (req, res, next) => {
    const user = basicAuth(req);
    const username = process.env.AUTH_USERNAME; // Use environment variables
    const password = process.env.AUTH_PASSWORD; // Use environment variables

    if (user && user.name === username && user.pass === password) {
        return next();
    } else {
        res.set('WWW-Authenticate', 'Basic realm="401"');
        return res.status(401).send('Authentication required.');
    }
};

module.exports = auth;