<?php

declare(strict_types=1);

namespace app\service;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;

class JwtService
{
    private static string $secret = 'meitian@#!';
    private static int $expire = 86400;

    public static function generateToken(array $userInfo): string
    {
        $payload = [
            'iss' => 'backapi.yunzer.cn',
            'sub' => $userInfo['id'],
            'iat' => time(),
            'exp' => time() + self::$expire,
            'user' => $userInfo
        ];
        return JWT::encode($payload, self::$secret, 'HS256');
    }

    public static function verifyToken(string $token): ?array
    {
        try {
            $decoded = JWT::decode($token, new Key(self::$secret, 'HS256'));
            return (array)$decoded;
        } catch (\Exception $e) {
            return null;
        }
    }

    public static function getUserFromHeader(string $authHeader): array
    {
        if (!preg_match('/Bearer\s+(.+)/i', $authHeader, $matches)) {
            return ['id' => 0, 'account' => '', 'name' => ''];
        }

        $tokenData = self::verifyToken($matches[1]);
        if (!$tokenData || !isset($tokenData['user'])) {
            return ['id' => 0, 'account' => '', 'name' => ''];
        }

        return (array)$tokenData['user'];
    }

    public static function getSecret(): string
    {
        return self::$secret;
    }

    public static function setSecret(string $secret): void
    {
        self::$secret = $secret;
    }
}