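import jwt from 'jsonwebtoken';
import bcrypt from 'bcrypt';
import { db } from '$lib/server/dbService';
import config from '$lib/config';

// Signing key and token lifetime are read once from server-side configuration.
const SECRET = config.jwt.secret;
const EXPIRES_IN = config.jwt.expiresIn;

/**
 * Signs `userData` as a JWT using the configured secret and lifetime.
 *
 * The payload of a signed JWT is only base64url-encoded, not encrypted, so
 * nothing confidential belongs in `userData`.
 *
 * @param userData Claims to embed in the token.
 * @returns The compact serialized token.
 */
export function createToken(userData: object): string {
  // HS256 is jsonwebtoken's default for sign(); naming it keeps signing and
  // verification visibly tied to the same algorithm.
  return jwt.sign(userData, SECRET, { algorithm: 'HS256', expiresIn: EXPIRES_IN });
}

/**
 * Verifies a token's signature and expiry and returns its decoded payload.
 *
 * Despite the name, nothing is decrypted here: the token is signed, and this
 * function checks that signature.
 *
 * @param token Compact serialized JWT received from the client.
 * @returns The decoded payload.
 * @throws If the token is malformed, expired, or fails verification
 *         (jwt.verify throws rather than returning a failure value).
 */
export function decryptToken(token: string) {
  // Accept only the algorithm createToken() signs with, instead of every
  // algorithm the library would otherwise allow for this key.
  return jwt.verify(token, SECRET, { algorithms: ['HS256'] });
}

/**
 * Checks a user name and password against the `users` table and issues a
 * token on success.
 *
 * @param user Login name, looked up in `users.name`.
 * @param password Plaintext password to compare with the stored bcrypt hash.
 * @returns A signed token, or `null` for every failure (unknown user, wrong
 *          password, unusable input) so callers cannot tell the cases apart
 *          by the return value.
 */
export function authenticate(user: string, password: string): string | null {
  // Types are erased at runtime and these values come from a login request;
  // bcrypt.compareSync throws on non-string arguments, so reject them here.
  if (typeof user !== 'string' || typeof password !== 'string') {
    return null;
  }

  // Bound parameter: the user name is never concatenated into the SQL text.
  const getUserSQLStmt = 'SELECT name, pw FROM users WHERE name = ?';
  const row = db.prepare(getUserSQLStmt).get(user);

  // NOTE(review): an unknown user returns before any bcrypt work, so this path
  // answers faster than a wrong password and can reveal which names exist.
  // Consider comparing against a fixed dummy hash here and rate-limiting logins.
  if (!row || typeof row.pw !== 'string') {
    return null;
  }

  // NOTE(review): compareSync blocks the event loop for the full bcrypt cost;
  // the async bcrypt.compare would avoid that but changes this function's
  // return type to a Promise.
  if (!bcrypt.compareSync(password, row.pw)) {
    return null;
  }

  // NOTE(review): `admin: true` is hard-coded, so every account that logs in
  // receives an admin claim. The query above selects only name and pw; if
  // accounts differ in privilege, derive this claim from stored per-user data
  // instead of a constant.
  return createToken({ id: user, admin: true });
}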