class Api::V1::ApiController < ::ActionController::API

  before_action :authenticate_user
  after_filter :cors_set_access_control_headers
  skip_before_filter :authenticate_user, :only => [:route_options]

  def route_options
    cors_preflight_check
  end

  private

    def authenticate_user
      #["current_user","current_token"] Make this true to check for email also
      @instance_hash = ::Arcadex::Authentication.full_authentication(params,request,false)
      if @instance_hash.nil?
        render :json => {errors: "User is not logged in, register or log in"} , status: :unauthorized
      end
    end

    def current_user
    	if !@instance_hash.nil?
    		@instance_hash["current_user"]
    	end
    end

    def current_token
    	if !@instance_hash.nil?
    		@instance_hash["current_token"]
    	end
    end

    def cors_set_access_control_headers
      response.headers['Access-Control-Allow-Origin'] = '*'
      response.headers['Access-Control-Allow-Methods'] = 'POST, GET, PUT, PATCH, DELETE, OPTIONS'
      response.headers['Access-Control-Allow-Headers'] = 'Origin, Content-Type, Accept, Authorization, Token, Auth-Token, Email'
      response.headers['Access-Control-Max-Age'] = "1728000"
    end
     
    def cors_preflight_check
      #if request.method == 'OPTIONS'
        request.headers['Access-Control-Allow-Origin'] = '*'
        request.headers['Access-Control-Allow-Methods'] = 'POST, GET, PUT, PATCH, DELETE, OPTIONS'
        request.headers['Access-Control-Allow-Headers'] = 'X-Requested-With, X-Prototype-Version, Token, Auth-Token, Email'
        request.headers['Access-Control-Max-Age'] = '1728000'  
        render :text => '', :content_type => 'text/plain'
      #end
    end
    
end