package auth

import (
	"time"

	"gemma.intevation.de/gemma/config"

	jwt "github.com/dgrijalva/jwt-go"
)

type Claims struct {
	jwt.StandardClaims

	User  string   `json:"user"`
	Roles []string `json:"roles"`
}

const maxTokenValid = time.Hour * 3

func NewToken(user string, roles []string) (string, error) {

	// Create the Claims
	claims := &Claims{
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: jwt.TimeFunc().Add(maxTokenValid).Unix(),
		},
		User:  user,
		Roles: roles,
	}

	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	return token.SignedString(config.Config.JWTSignKey)
}

func TokenToClaims(token string) (*Claims, error) {
	claims := &Claims{}
	_, err := jwt.ParseWithClaims(token, claims,
		func(*jwt.Token) (interface{}, error) { return config.Config.JWTSignKey, nil })
	return claims, err
}