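"""JWT helpers: issue and verify HS256 access and refresh tokens for the mock user store."""

import os
from datetime import datetime, timedelta, timezone

import jwt
from flask import request

from mock_data import MOCK_USERS, UserInfo

# TODO: Replace with your own secret key.
# The literal fallbacks below are public placeholder values: anyone who knows
# them can mint tokens this module accepts. Supply real keys through the
# environment (for example, values produced by secrets.token_urlsafe(64)).
# Keep the two keys different from each other: the tokens carry no claim that
# tells an access token from a refresh token, so the signing key is the only
# thing that stops one kind being accepted in place of the other.
ACCESS_TOKEN_SECRET = os.environ.get('ACCESS_TOKEN_SECRET', 'access_token_secret')
REFRESH_TOKEN_SECRET = os.environ.get('REFRESH_TOKEN_SECRET', 'refresh_token_secret')

# Token lifetimes, unchanged from the original literals.
# NOTE(review): seven days is long for an access token, and nothing in this
# file can revoke a token before it expires -- confirm this is intended.
ACCESS_TOKEN_LIFETIME = timedelta(days=7)
REFRESH_TOKEN_LIFETIME = timedelta(days=30)


def _without_password(user):
    """Return a copy of a user mapping with the 'password' key dropped.

    Values that are not dicts are returned unchanged.
    """
    if isinstance(user, dict):
        return {k: v for k, v in user.items() if k != 'password'}
    return user


def _issue_token(user, secret, lifetime):
    """Sign an HS256 token carrying `user`, an `iat` and an `exp` claim."""
    # One timestamp for both claims so that exp - iat is exactly `lifetime`.
    now = datetime.now(timezone.utc)
    payload = {
        # A JWT payload is base64url-encoded, not encrypted: whoever holds
        # the token can read it, so the password field must never be embedded.
        'user': _without_password(user),
        'iat': now,
        'exp': now + lifetime,
    }
    return jwt.encode(payload, secret, algorithm='HS256')


def _user_from_token(token, secret):
    """Verify `token` with `secret` and return the matching mock user.

    Returns the MOCK_USERS entry named by the token, minus its 'password'
    key, or None when the token fails verification, lacks a
    user/username claim, or names an unknown user.
    """
    try:
        # Pinning `algorithms` means the token header cannot select the
        # verification algorithm.
        decoded = jwt.decode(token, secret, algorithms=['HS256'])
        username = decoded['user']['username']
    except (jwt.PyJWTError, KeyError, TypeError):
        # KeyError/TypeError: correctly signed token whose payload does not
        # have the expected {'user': {'username': ...}} shape. Treat it like
        # any other invalid token instead of letting the exception escape.
        return None

    user = next((u for u in MOCK_USERS if u['username'] == username), None)
    if not user:
        return None
    return {k: v for k, v in user.items() if k != 'password'}


def generate_access_token(user: UserInfo):
    """Return a signed access token for `user`, valid for seven days."""
    return _issue_token(user, ACCESS_TOKEN_SECRET, ACCESS_TOKEN_LIFETIME)


def generate_refresh_token(user: UserInfo):
    """Return a signed refresh token for `user`, valid for thirty days."""
    return _issue_token(user, REFRESH_TOKEN_SECRET, REFRESH_TOKEN_LIFETIME)


def verify_access_token():
    """Authenticate the current Flask request from its Bearer token.

    Reads the Authorization header of `flask.request`. Returns the user
    record without its password, or None when the header is absent, is not
    a Bearer credential, or carries a token that does not verify.
    """
    auth_header = request.headers.get('Authorization')
    if not auth_header or not auth_header.startswith('Bearer '):
        return None
    # Everything after the scheme is the token; trailing extra fields make
    # verification fail instead of being silently ignored.
    token = auth_header[len('Bearer '):].strip()
    return _user_from_token(token, ACCESS_TOKEN_SECRET)


def verify_refresh_token(token):
    """Return the user record (without password) for a valid refresh token, else None."""
    return _user_from_token(token, REFRESH_TOKEN_SECRET)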