import bcrypt from "bcrypt";
import { signToken, verifyToken } from "@lib/svc/token.service";
import config from "@lib/config";
import { decrypt } from "@lib/svc/crypt.service";
const { HashRounds } = config.SigningOptions;

export async function getUserToken(id: string, encryptedPrivateKey: string) {
  const privateKey = await decrypt(encryptedPrivateKey, config.SigningOptions.Keys.KeyPair);
  const tokenPayload = {
    iss: config.SigningOptions.Issuer,
    sub: [config.SigningOptions.Subjects.User],
    aud: [config.SigningOptions.Issuer],
    id,
  };
  return signToken(tokenPayload, privateKey);
}

export async function userTokenLogin(token: string, encryptedPublicKey: string): Promise<boolean> {
  const publicKey = await decrypt(encryptedPublicKey, config.SigningOptions.Keys.KeyPair);
  return !!verifyToken(token, publicKey);
}

export async function getUserTokenId(token: string, encryptedPublicKey: string): Promise<string | undefined> {
  const publicKey = await decrypt(encryptedPublicKey, config.SigningOptions.Keys.KeyPair);
  const tokenData = verifyToken(token, publicKey);
  if (!tokenData) return undefined;
  return tokenData.id;
}

export async function hashText(password: string) {
  return bcrypt.hash(password, HashRounds);
}

export async function hashCompare(password: string, hash: string) {
  return bcrypt.compare(password, hash);
}