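const crypto = require('crypto');
const jwt = require('jsonwebtoken');
const { ADMIN_EMAIL, ADMIN_PASSWORD, API_KEY, JWT_SECRET } = require('./config');

// JWT_SECRET is used as a shared HMAC secret. Naming the accepted algorithms
// keeps verification from depending on the library's defaults.
const JWT_ALGORITHMS = ['HS256', 'HS384', 'HS512'];

/**
 * Compare a caller-supplied value with a configured secret.
 *
 * Fails closed: a missing header/argument, a non-string value, or an unset or
 * empty configured secret never matches. With plain `===`, an undefined
 * config value would equal an absent header and let the request through.
 * Both sides are hashed to a fixed length so crypto.timingSafeEqual can be
 * used without leaking the secret's length or a matching prefix.
 *
 * @param {unknown} candidate - value supplied by the caller
 * @param {unknown} expected - value loaded from ./config
 * @returns {boolean} true only when both are equal, non-empty strings
 */
const secretsMatch = (candidate, expected) => {
  if (typeof candidate !== 'string' || typeof expected !== 'string') {
    return false;
  }
  if (expected.length === 0) {
    return false;
  }
  const candidateDigest = crypto.createHash('sha256').update(candidate).digest();
  const expectedDigest = crypto.createHash('sha256').update(expected).digest();
  return crypto.timingSafeEqual(candidateDigest, expectedDigest);
};

/**
 * Express middleware: verify the JWT carried in the Authorization header.
 *
 * Responds 403 when the header is absent or has no second space-separated
 * field, and 401 when verification fails. On success the decoded payload is
 * stored on `req.user` and `next()` is called.
 *
 * NOTE(review): the scheme word (first field) is not checked, so any
 * "<scheme> <token>" header is accepted. Enforce "Bearer" here if every
 * client is known to send it.
 *
 * @param {object} req - request; reads `req.headers.authorization`
 * @param {object} res - response used for the error replies
 * @param {Function} next - called once the token has been verified
 */
const verifyToken = (req, res, next) => {
  const authHeader = req.headers.authorization;
  if (!authHeader) return res.status(403).json({ error: 'No token provided' });

  const token = authHeader.split(' ')[1];
  if (!token) return res.status(403).json({ error: 'Malformed token' });

  jwt.verify(token, JWT_SECRET, { algorithms: JWT_ALGORITHMS }, (err, decoded) => {
    // The same generic reply is sent for every verification failure.
    if (err) return res.status(401).json({ error: 'Unauthorized' });
    req.user = decoded;
    next();
  });
};

/**
 * Express middleware: allow the request only when the `x-api-key` header
 * equals the configured API_KEY; otherwise reply 401.
 *
 * @param {object} req - request; reads `req.headers['x-api-key']`
 * @param {object} res - response used for the 401 reply
 * @param {Function} next - called when the key matches
 */
const authenticateAPIKey = (req, res, next) => {
  const apiKey = req.headers['x-api-key'];
  if (secretsMatch(apiKey, API_KEY)) {
    next();
    return;
  }
  res.status(401).json({ error: 'Unauthorized: Invalid API Key' });
};

/**
 * Check the admin credentials and issue a 24-hour JWT.
 *
 * NOTE(review): the password is compared with a plaintext value from
 * ./config. Storing a salted hash (e.g. crypto.scrypt) would avoid keeping
 * the password itself in configuration. No attempt limiting happens here;
 * presumably the caller handles it, so confirm.
 *
 * @param {string} email - submitted e-mail address
 * @param {string} password - submitted password
 * @returns {string|null} a signed token whose payload is `{ email }`, or null
 *   when either credential does not match
 */
const login = (email, password) => {
  // Evaluate both checks before deciding, so the work done does not depend
  // on which of the two credentials was wrong.
  const emailOk = secretsMatch(email, ADMIN_EMAIL);
  const passwordOk = secretsMatch(password, ADMIN_PASSWORD);
  if (!(emailOk && passwordOk)) {
    return null;
  }
  // HS256 is the library's default for jwt.sign; stated explicitly here.
  return jwt.sign({ email }, JWT_SECRET, { algorithm: 'HS256', expiresIn: '24h' });
};

module.exports = { verifyToken, authenticateAPIKey, login };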