import type { EventHandlerRequest, H3Event } from 'h3' import jwt from 'jsonwebtoken' import { UserInfo } from './mock-data' // TODO: Replace with your own secret key const ACCESS_TOKEN_SECRET = 'access_token_secret' const REFRESH_TOKEN_SECRET = 'refresh_token_secret' export interface UserPayload extends UserInfo { iat: number exp: number } export function generateAccessToken(user: UserInfo) { return jwt.sign(user, ACCESS_TOKEN_SECRET, { expiresIn: '7d' }) } export function generateRefreshToken(user: UserInfo) { return jwt.sign(user, REFRESH_TOKEN_SECRET, { expiresIn: '30d', }) } export function verifyAccessToken( event: H3Event, ): null | Omit { const authHeader = getHeader(event, 'Authorization') if (!authHeader?.startsWith('Bearer')) { return null } const token = authHeader.split(' ')[1] try { const decoded = jwt.verify(token, ACCESS_TOKEN_SECRET) as UserPayload const username = decoded.username const user = MOCK_USERS.find((item) => item.username === username) const { password: _pwd, ...userinfo } = user return userinfo } catch { return null } } export function verifyRefreshToken( token: string, ): null | Omit { try { const decoded = jwt.verify(token, REFRESH_TOKEN_SECRET) as UserPayload const username = decoded.username const user = MOCK_USERS.find((item) => item.username === username) const { password: _pwd, ...userinfo } = user return userinfo } catch { return null } }