package common

import (
	"drive-linked/config"
	"github.com/golang-jwt/jwt/v4"
	"strings"
	"time"
)

type JwtClaims struct {
	Foo string `json:"foo"`
	jwt.RegisteredClaims
}

//TODO:token解密验证
func ValidateLogin(authorization string) error {
	// 取出Bearer后的内容
	var tokenString string
	if auths := strings.Split(authorization, " "); len(auths) > 1 {
		tokenString = auths[1]
	} else {
		return jwt.ErrInvalidKey
	}

	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
		return []byte(config.Cfg.Security.Jwt.Secret), nil
	})

	if token != nil && token.Valid {
		return nil
	}
	return err
}

func NewToken(auds ...string) (string, error) {
	if len(auds) == 0 {
		auds = []string{"non-audience"}
	}
	// Create the claims
	claims := JwtClaims{
		"bar",
		jwt.RegisteredClaims{
			// A usual scenario is to set the expiration time relative to the current time
			ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Duration(config.Cfg.Security.Jwt.Expire) * time.Second)),
			IssuedAt:  jwt.NewNumericDate(time.Now()),
			NotBefore: jwt.NewNumericDate(time.Now()),
			Issuer:    "drivelinked",
			Subject:   "login",
			Audience:  auds,
		},
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	ss, err := token.SignedString([]byte(config.Cfg.Security.Jwt.Secret))
	if err != nil {
		return "", err
	}
	return ss, nil
}