<?php
namespace app\service;

use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\Token;
use Lcobucci\JWT\Signer\Key\InMemory;

class JWTService
{
    private $secret;

    public function __construct()
    {
        $this->secret = config('jwt.secret');
    }

    public function createToken(array $claims): string
    {
        $signer = new Sha256();
        $key = InMemory::plainText($this->secret);

        $token = (new Token())->withClaim('id', $claims['id'])->withClaim('username', $claims['username']);
        $token = $token->withExpiresAt(time() + config('jwt.token_ttl'));

        return (string) $token->sign($signer, $key);
    }

    public function verifyToken(string $token): array
    {
        $parser = new Parser();
        $token = $parser->parse((string) $token);

        if ($token->verify(new Sha256(), InMemory::plainText($this->secret))) {
            return $token->getClaims();
        }

        return [];
    }
}