const Settings = require('../models/Settings');

const authMiddleware = async (req, res, next) => {
    // Authentication disabled for public shop API
    next();

    /* Original auth code (disabled):
    try {
        const apiKey = req.headers['x-api-key'];

        if (!apiKey) {
            return res.status(401).json({ error: 'API Key missing' });
        }

        const validKey = await Settings.findOne({ key: 'api_secret_key' });

        if (!validKey || validKey.value !== apiKey) {
            return res.status(403).json({ error: 'Invalid API Key' });
        }

        next();
    } catch (e) {
        console.error("Auth Error:", e);
        res.status(500).json({ error: 'Server Error' });
    }
    */
};

module.exports = authMiddleware;