'use strict';
module.exports = () => {
  return async function password(ctx, next) {
    // mongodb中secret转换为密码类型
    const method = ctx.request.method;
    const isLoginEnd = ctx.request.url.includes('login');
    const passwordNoDeal = ctx.request.headers.passwordnodeal;
    if (method !== 'GET' && !isLoginEnd && !passwordNoDeal) {
      const body = ctx.request.body;
      if (body && body.password) body.password = { secret: body.password };
    }
    await next();
  };
};