bilhej/frontend/src/stores/authStore.ts

import { defineStore } from 'pinia'
import { ref, computed } from 'vue'
import { register, login, changeEmail, confirmEmailChange } from '@/api/auth'
import { parseJwtPayload, isTokenExpired as isJwtExpired } from '@/utils/jwt'

export const useAuthStore = defineStore('auth', () => {
  const token = ref<string | null>(localStorage.getItem('auth_token'))
  const role = ref<string | null>(extractRole(token.value))

  const isAuthenticated = computed(() => token.value !== null)
  const isAdmin = computed(() => role.value === 'admin')
  const email = computed(() => {
    if (!token.value) return null
    const payload = parseJwtPayload(token.value)
    return payload.sub ?? null
  })

  function extractRole(jwt: string | null): string | null {
    if (!jwt) return null
    const payload = parseJwtPayload(jwt)
    return payload.role ?? null
  }

  function isTokenExpired(): boolean {
    return isJwtExpired(token.value)
  }

  function setToken(newToken: string) {
    token.value = newToken
    role.value = extractRole(newToken)
    localStorage.setItem('auth_token', newToken)
  }

  function clearToken() {
    token.value = null
    role.value = null
    localStorage.removeItem('auth_token')
  }

  async function registerUser(email: string, password: string): Promise<void> {
    const response = await register(email, password)
    setToken(response.token)
  }

  async function loginUser(email: string, password: string): Promise<void> {
    const response = await login(email, password)
    setToken(response.token)
  }

  async function changeUserEmail(
    newEmail: string,
    password: string,
  ): Promise<string | undefined> {
    const response = await changeEmail(newEmail, password)
    return response.testToken
  }

  async function confirmUserEmailChange(
    token: string,
    password: string,
  ): Promise<void> {
    const response = await confirmEmailChange(token, password)
    setToken(response.token)
  }

  function logout() {
    clearToken()
  }

  return {
    token,
    role,
    email,
    isAuthenticated,
    isAdmin,
    isTokenExpired,
    registerUser,
    loginUser,
    changeUserEmail,
    confirmUserEmailChange,
    logout,
  }
})