auth.js

const passport = require('passport');
const { Strategy: JwtStrategy, ExtractJwt } = require('passport-jwt');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');

const secretKey = 'BM8yoeRub9wB8kkYPLtBwp/CapXFogakbPF+tsCKT7E=';

const generateJwtToken = (user) => {
  const payload = {
    id: user.id,
    username: user.username,
  };

  return jwt.sign(payload, secretKey, { expiresIn: '1h' });
};

passport.use(
  new JwtStrategy(
    {
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      secretOrKey: secretKey,
    },
    (payload, done) => {
      // TODO: Implement user lookup and validation
      done(null, false);
    }
  )
);

const authenticateJwt = (req, res, next) => {
  passport.authenticate('jwt', { session: false }, (err, user) => {
    if (err) {
      console.error('Error authenticating JWT:', err);
      res.status(500).json({ error: 'Internal Server Error' });
    } else if (!user) {
      res.status(401).json({ error: 'Unauthorized' });
    } else {
      req.user = user;
      next();
    }
  })(req, res, next);
};

const encryptPassword = async (password) => {
  const saltRounds = 10;
  const salt = await bcrypt.genSalt(saltRounds);
  const hash = await bcrypt.hash(password, salt);
  return hash;
};

const comparePassword = async (password, hash) => {
  return await bcrypt.compare(password, hash);
};

module.exports = {
  generateJwtToken,
  authenticateJwt,
  encryptPassword,
  comparePassword,
};