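import * as jwt from 'jsonwebtoken';
import { UserService } from '../users/user.service';
import { User } from '../users/user.entity';

/**
 * Placeholder signing key, kept only so that existing development setups keep
 * working. It is a sample value committed to source control: anyone who knows
 * it can produce tokens carrying any id and role list, so it must never be the
 * key that signs tokens in a real deployment.
 */
const DEV_FALLBACK_SECRET = 'your-secret-key';

// Read the signing key from the environment. `||` (not `??`) is deliberate:
// an empty JWT_SECRET is treated the same as an unset one.
const JWT_SECRET = process.env.JWT_SECRET || DEV_FALLBACK_SECRET;

if (JWT_SECRET === DEV_FALLBACK_SECRET) {
  // Make the misconfiguration visible at startup instead of failing silently.
  // NOTE(review): consider refusing to start in production when this happens.
  console.warn('JWT_SECRET is not set; tokens are being signed with the built-in placeholder key.');
}

const JWT_EXPIRES_IN = '1h';

// Single algorithm used for both signing and verification, so verification
// never accepts a token signed with anything other than what this service issues.
const JWT_ALGORITHM = 'HS256';

// One message for every credential failure, so the response does not reveal
// whether the username exists.
const INVALID_CREDENTIALS_MESSAGE = 'Invalid username or password';

/**
 * Issues and validates JSON Web Tokens for users looked up through UserService.
 */
export class AuthService {
  private userService: UserService;

  constructor() {
    this.userService = new UserService();
  }

  /**
   * Checks a username/password pair and, on success, returns a signed token
   * together with the matching user.
   *
   * @param username - login name supplied by the client
   * @param password - candidate password supplied by the client
   * @returns the signed token and the user record
   * @throws Error with a generic message when the user is unknown or the
   *   password does not verify; errors raised by UserService are logged and rethrown
   */
  async login(username: string, password: string): Promise<{ token: string; user: User }> {
    try {
      const user = await this.userService.getUserByUsername(username);
      // NOTE(review): verifyPassword is skipped for unknown users, so response
      // time may still differ between the two failure cases; confirm whether
      // that matters for this deployment.
      const isPasswordValid = user
        ? await this.userService.verifyPassword(user, password)
        : false;

      if (!user || !isPasswordValid) {
        throw new Error(INVALID_CREDENTIALS_MESSAGE);
      }

      const token = this.generateToken(user);
      // NOTE(review): the full User entity is returned. If it carries a password
      // hash or other secrets, callers must strip them before serialising it;
      // confirm against user.entity.
      return { token, user };
    } catch (error) {
      console.error('Login error:', error);
      throw error;
    }
  }

  /**
   * Signs a token carrying the user's id, username and role names.
   *
   * Role names are copied into the token when it is issued, so a later role
   * change is not reflected in tokens that are already out until they expire
   * (JWT_EXPIRES_IN).
   *
   * @param user - user whose identity and roles go into the payload
   * @returns the signed token string
   */
  generateToken(user: User): string {
    const payload = {
      id: user.id,
      username: user.username,
      roles: user.roles?.map(role => role.name) ?? [],
    };

    return jwt.sign(payload, JWT_SECRET, {
      algorithm: JWT_ALGORITHM,
      expiresIn: JWT_EXPIRES_IN,
    });
  }

  /**
   * Verifies a token's signature and expiry and returns its decoded payload.
   *
   * The return type stays `any` so existing callers keep compiling; the
   * payload shape is whatever generateToken put in plus the standard claims.
   *
   * @param token - token string presented by the client
   * @returns the decoded payload
   * @throws Error('Invalid token') for any verification failure
   */
  verifyToken(token: string): any {
    try {
      // Pin the accepted algorithm instead of relying on the library default.
      return jwt.verify(token, JWT_SECRET, { algorithms: [JWT_ALGORITHM] });
    } catch (error) {
      console.error('Token verification failed:', error);
      throw new Error('Invalid token');
    }
  }

  /**
   * Placeholder logout: resolves without doing anything.
   *
   * No revocation is implemented, so a token handed to this method is still
   * accepted by verifyToken until it expires. A real deployment would record
   * the token (or its identifier) in a deny-list that verifyToken consults.
   *
   * @param token - token being logged out (currently unused)
   */
  async logout(token: string): Promise<void> {
    // Intentionally empty: see the method comment for what is missing.
  }
}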