package be.simplenotes.domain.security

import be.simplenotes.config.JwtConfig
import be.simplenotes.types.LoggedInUser
import com.auth0.jwt.JWT
import com.auth0.jwt.JWTVerifier
import com.auth0.jwt.algorithms.Algorithm
import java.util.*
import java.util.concurrent.TimeUnit
import javax.inject.Singleton

internal const val userIdField = "i"
internal const val usernameField = "u"

@Singleton
class SimpleJwt(jwtConfig: JwtConfig) {
    private val validityInMs = TimeUnit.MILLISECONDS.convert(jwtConfig.validity, jwtConfig.timeUnit)
    private val algorithm = Algorithm.HMAC256(jwtConfig.secret)

    val verifier: JWTVerifier = JWT.require(algorithm).build()
    fun sign(loggedInUser: LoggedInUser): String = JWT.create()
        .withClaim(userIdField, loggedInUser.userId)
        .withClaim(usernameField, loggedInUser.username)
        .withExpiresAt(getExpiration())
        .sign(algorithm)

    private fun getExpiration() = Date(System.currentTimeMillis() + validityInMs)
}