package services

import (
	"errors"
	"fmt"

	"git.secnex.io/secnex/auth-api/config"
	"git.secnex.io/secnex/auth-api/repositories"
	"github.com/golang-jwt/jwt/v5"
	"github.com/google/uuid"
)

func Logout(sessionToken string) error {
	claims, err := jwt.ParseWithClaims(sessionToken, &jwt.MapClaims{}, func(token *jwt.Token) (interface{}, error) {
		return []byte(config.CONFIG.JwtSecret), nil
	})
	if err != nil {
		return err
	}
	if !claims.Valid {
		return errors.New("invalid token")
	}

	mapClaims := claims.Claims.(*jwt.MapClaims)
	subValue, ok := (*mapClaims)["sub"]
	if !ok {
		return errors.New("sub claim not found")
	}

	var sessionID string
	switch v := subValue.(type) {
	case string:
		sessionID = v
	case uuid.UUID:
		sessionID = v.String()
	default:
		sessionID = fmt.Sprintf("%v", v)
	}

	err = repositories.DeleteSessionCache(sessionID)
	if err != nil {
		return err
	}

	err = repositories.DeleteSession(sessionID)
	if err != nil {
		return err
	}

	return nil
}