class Webhook::Tep::Controller < ActionController::API
  include ResponseMethods
  include ApplicationHelper

  before_action :authenticate_request!

  private
    def authenticate_request!
      return if school.school_config.tep_integration

      render_error :forbidden, errors: 'Not Authenticated'
    end

    def token
      request.headers['Authorization'].gsub('Bearer ', '')
    end

    def decode_token
      JWT.decode(token, hmac_key, false).first
    end

    def hmac_key
      Rails.application.secrets.tep[:key]
    end

    def school
      @school ||= School.find_by(id: decode_token['school_id'])
    end
end