package token

import (
	"fmt"
	"time"

	tk "github.com/golang-jwt/jwt/v5"
)

const minSecretKeySize = 32

// JWTMaker JSON Web Token
type JWTMaker struct {
	secretKey string
}

// NewJWTMaker 创建一个新的JWTMaker
func NewJWTMaker(secretKey string) error {
	if len(secretKey) < minSecretKeySize {
		return fmt.Errorf("invalid key size: must be at least %d characters", minSecretKeySize)
	}
	engine = &JWTMaker{secretKey}
	return nil
}

// CreateToken 根据用户名和时间创建一个新的token
func (maker *JWTMaker) CreateToken(id string, username string, duration time.Duration) (string, *Payload, error) {
	payload, err := NewPayload(id, username, duration)
	if err != nil {
		return "", payload, err
	}

	jwtToken := tk.NewWithClaims(tk.SigningMethodHS256, payload)
	token, err := jwtToken.SignedString([]byte(maker.secretKey))
	return token, payload, err
}

// VerifyToken checks if the token is valid or not
func (maker *JWTMaker) VerifyToken(token string) (*Payload, error) {
	keyFunc := func(token *tk.Token) (interface{}, error) {
		_, ok := token.Method.(*tk.SigningMethodHMAC)
		if !ok {
			return nil, ErrInvalidToken
		}
		return []byte(maker.secretKey), nil
	}

	jwtToken, err := tk.ParseWithClaims(token, &Payload{}, keyFunc)
	if err != nil {
		return nil, ErrInvalidToken
	}

	payload, ok := jwtToken.Claims.(*Payload)
	if !ok {
		return nil, ErrInvalidToken
	}

	return payload, nil
}