package auth

import (
	"kon/config"
	"kon/utils"
	"log"
	"sync"
	"time"

	"github.com/dchest/uniuri"
	"github.com/golang-jwt/jwt/v5"
)

var Hashes = map[string]time.Time{}
var HashesMutex = sync.RWMutex{}

func CreateToken() string {
	token := jwt.NewWithClaims(jwt.SigningMethodHS256,
		jwt.MapClaims{
			"reqHash": uniuri.New(),
			"exp":     time.Now().Add(time.Hour * 24).Unix(),
		})

	tokenString, err := token.SignedString(config.AuthSecret)
	utils.CheckError(err)

	return tokenString
}

func VerifyToken(tokenString string) bool {
	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
		return config.AuthSecret, nil
	})

	if err != nil {
		return false
	}

	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
		_, does_claim_have_req_hash := claims["reqHash"]
		if does_claim_have_req_hash {
			HashesMutex.RLock()
			val, exists := Hashes[claims["reqHash"].(string)]
			HashesMutex.RUnlock()
			if exists {
				if time.Since(val) > 48*time.Hour {
					HashesMutex.Lock()
					Hashes[claims["reqHash"].(string)] = time.Now()
					HashesMutex.Unlock()
					return true
				} else {
					return false
				}
			} else {
				HashesMutex.Lock()
				Hashes[claims["reqHash"].(string)] = time.Now()
				HashesMutex.Unlock()
				return true
			}
		} else {
			return false
		}
	} else {
		log.Printf("Invalid JWT Token")
		return false
	}
}