import 'dart:io';

import 'package:backend/database.dart';
import 'package:backend/service/db_access.dart';
import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';

final jwtSecret = _getSecret();

class Authenticator {
  Future<String?> generateToken({required String username}) async {
    final newUser = await Db.createUser(username: username);
    if (newUser == null) return null;

    final jwt = JWT(
      {
        'uid': newUser.uuid,
      },
    );

    return jwt.sign(SecretKey(jwtSecret));
  }

  Future<User?> verifyToken(
    String token,
  ) async {
    try {
      final payload = JWT.verify(
        token,
        SecretKey(jwtSecret),
      );

      final payloadData = payload.payload as Map<String, dynamic>;

      final uuid = payloadData['uuid'] as String;
      return await Db.getUser(uuid);
    } catch (e) {
      return null;
    }
  }
}

String _getSecret() {
  final secret = Platform.environment['JWT_TOKEN_SECRET'];
  if (secret == null || secret.isEmpty) {
    throw Exception('JWT secret not configured. Define JWT_TOKEN_SECRET in environment.');
  } else {
    return secret;
  }
}