<?php
include_once($_SERVER['DOCUMENT_ROOT'] . '/db_config.php');

$token = get_bearer_token();
if (is_null($token)) {
    header('Content-Type: application/json');
    http_response_code(412);
    echo '{"error":true,"message":"No token provided"}';
    return;
}

$token = $mysqli->real_escape_string($token);

$stmt = $mysqli->prepare("SELECT id FROM users WHERE token = ?");
$stmt->bind_param('s', $token);
$stmt->execute();
$result = $stmt->get_result();

$row = $result->fetch_assoc();
if (!is_null($row)) {
    $user_id = $row['id'];
    $stmt->close();
    $stmt = $mysqli->prepare("SELECT * FROM tunnels WHERE user = ?");
    $stmt->bind_param('i', $user_id);
} else {
    // return No user found
    header('Content-Type: application/json');
    http_response_code(403);
    echo '{"error":true,"message":"Unauthorized"}';
    $stmt->close();
    $mysqli->close();
    return;
}