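import jwt from 'jsonwebtoken';
import { UserService } from '../users/user.service';
import { UserEntity as User } from '../users/user.entity';

/**
 * Placeholder signing key, kept only so unconfigured local setups keep working.
 * It is committed to source control, so any token signed with it can be forged
 * by anyone who has read this file. Deployments must set JWT_SECRET instead.
 */
const PLACEHOLDER_JWT_SECRET = 'your-secret-key';

// Prefer the key from the environment; an empty string is treated as unset.
const JWT_SECRET = process.env.JWT_SECRET || PLACEHOLDER_JWT_SECRET;

// Tokens are valid for 7 days.
const JWT_EXPIRES_IN = '7d';

// Single HMAC algorithm used for both signing and verification, so a token
// whose header names a different algorithm is rejected.
const JWT_ALGORITHM = 'HS256';

/**
 * Username/password login and JWT issuance and verification.
 */
export class AuthService {
  private userService: UserService;

  /**
   * @param userService - Looks up users and verifies their passwords.
   */
  constructor(userService: UserService) {
    this.userService = userService;

    if (JWT_SECRET === PLACEHOLDER_JWT_SECRET) {
      // Make the insecure default visible in logs instead of failing silently.
      console.warn(
        'JWT_SECRET is not set; tokens are signed with the placeholder key from source control. Set JWT_SECRET before deploying.'
      );
    }
  }

  /**
   * Checks the credentials and issues a signed token for the user.
   *
   * @param username - Login name supplied by the client.
   * @param password - Plaintext password supplied by the client.
   * @returns The signed token together with the matching user entity.
   * @throws Error 'User not found' or 'Invalid password'; errors raised by the
   *   user service are logged and rethrown unchanged.
   */
  async login(username: string, password: string): Promise<{ token: string; user: User }> {
    try {
      const user = await this.userService.getUserByUsername(username);
      if (!user) {
        // NOTE(review): this message differs from the wrong-password one, and
        // no password check runs on this path. The caller should map both
        // failures to one identical response so usernames cannot be enumerated.
        throw new Error('User not found');
      }

      const isPasswordValid = await this.userService.verifyPassword(user, password);
      if (!isPasswordValid) {
        throw new Error('Invalid password');
      }

      const token = this.generateToken(user);
      // NOTE(review): the whole entity is returned; confirm the caller strips
      // credential fields (e.g. a password hash) before serialising it.
      return { token, user };
    } catch (error) {
      console.error('Login error:', error);
      throw error;
    }
  }

  /**
   * Signs a token carrying the user's id, username and role names.
   *
   * @param user - User the token is issued for.
   * @returns The signed JWT, expiring after JWT_EXPIRES_IN.
   */
  generateToken(user: User): string {
    const payload = {
      id: user.id,
      username: user.username,
      roles: user.roles?.map(role => role.name) ?? []
    };
    return jwt.sign(payload, JWT_SECRET, {
      algorithm: JWT_ALGORITHM,
      expiresIn: JWT_EXPIRES_IN
    });
  }

  /**
   * Verifies a token's signature and expiry.
   *
   * @param token - JWT presented by the client.
   * @returns The decoded payload as returned by jwt.verify.
   * @throws Error 'Invalid token' when verification fails for any reason.
   */
  // eslint-disable-next-line @typescript-eslint/no-explicit-any -- return type kept for existing callers
  verifyToken(token: string): any {
    try {
      // Pin the accepted algorithm rather than relying on the token header.
      return jwt.verify(token, JWT_SECRET, { algorithms: [JWT_ALGORITHM] });
    } catch (error) {
      console.error('Token verification failed:', error);
      throw new Error('Invalid token');
    }
  }

  /**
   * Validates the token and then does nothing else: the token is NOT revoked
   * and stays usable until it expires.
   *
   * @param token - JWT of the session being ended.
   * @throws Error 'Invalid token' when the token does not verify.
   */
  async logout(token: string): Promise<void> {
    try {
      // Check that the token is valid.
      const decoded = this.verifyToken(token);
      if (!decoded) {
        throw new Error('Invalid token');
      }

      // A real deployment would add the token to a denylist here, or
      // invalidate it through a cache service such as Redis.
    } catch (error) {
      console.error('Logout failed:', error);
      throw error;
    }
  }
}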