package jwt

import (
	"os"
	"time"

	"git.ukamnya.ru/stulyaganov/RestApiv2/internal/bd/model"
	"github.com/golang-jwt/jwt/v5"
)

type jwtToken struct {
	AccesToken   string
	RefreshToken string
}

func GenerateTokens(payload model.User) (*jwtToken, error) {
	AccessKey := os.Getenv("JWT_SECRET_KEY_ACCESS")
	RefreshKey := os.Getenv("JWT_SECRET_KEY_REFRESH")
	claimsAccess := jwt.MapClaims{
		"name":         payload.Login,
		"permisionlvl": payload.PermisionLVL,
		"email":        payload.Email,
		"exp":          time.Now().Add(time.Hour * 24 * 60).Unix(),
	}
	claimsRefresh := jwt.MapClaims{
		"name":         payload.Login,
		"permisionlvl": payload.PermisionLVL,
		"email":        payload.Email,
		"exp":          time.Now().Add(time.Hour * 24 * 360).Unix(),
	}

	tokenAcc := jwt.NewWithClaims(jwt.SigningMethodHS256, claimsAccess)
	tokenRef := jwt.NewWithClaims(jwt.SigningMethodHS256, claimsRefresh)

	AccesToken, err := tokenAcc.SignedString([]byte(AccessKey))
	if err != nil {
		return nil, err
	}
	RefreshToken, err := tokenRef.SignedString([]byte(RefreshKey))
	if err != nil {
		return nil, err
	}
	return &jwtToken{
		AccesToken:   AccesToken,
		RefreshToken: RefreshToken,
	}, nil

}