const fs = require("fs");
const jwt = require("jsonwebtoken");

const privateKey = fs.readFileSync(process.env.PRIVKEY_PATH);
const publicKey = fs.readFileSync(process.env.PUBKEY_PATH);

/**
 * Sign data into JWT with JWT env secret
 * @param {string|any} data
 * @returns {jwt.JwtPayload}
 */
const getJWT = (data) => {
	return jwt.sign({ id: data }, process.env.JWTSECRET, { algorithm: "HS256" }); // symmetric encryption, so simple secret with SHA
};

/**
 * Sign data into JWT with private key.
 * @param {string|any} data 
 * @returns {jwt.JwtPayload}
 */
const getSignedJWT = (data) => {
	return jwt.sign({ id: data }, privateKey, { algorithm: "RS256" }); // asymmetric signing, so private key with RSA
}

/**
 * Verify a JWT with JWT env secret
 * @param {jwt.JwtPayload} data
 * @returns {string|any}
 */
const verifyJWT = (data) => {
	return jwt.verify(data, process.env.JWTSECRET, { algorithms: ["HS256"] });
}

/**
 * Verify a signed JWT with public key.
 * @param {jwt.JwtPayload} signedString 
 * @returns {string|any}
 */
const verifySignedJWT = (signedString) => {
	return jwt.verify(signedString, publicKey, { algorithms: ["RS256"] });
}

module.exports = {
	getJWT,
	verifyJWT,
	getSignedJWT,
	verifySignedJWT,
};