const express = require("express")
const app = express()
const JWT = require("@ryanforever/jwt")
const jwt = new JWT({
	tokenSecret: process.env.TOKEN_SECRET
})

// STEP 1: make a login route for users to generate an access token
app.post("/login", (req, res) => {
	let {username} = req.body
	if (!username) return res.sendStatus(400).send({error: "missing username"})
	return jwt.generateAccessToken(username)
})

// optionally you can use the jwt.login middleware, which will basically do the same as above
app.post("/login", jwt.login)

// STEP 2: anything past this point will need access token in header (Authorization: Bearer ...)
app.use(jwt.authenticateToken)

// STEP 3: make your routes that you want authenticated
app.get("/restricted", (req, res) => {
	res.sendStatus(200)
})

app.listen(80)

jwt.generateAccessToken(username) // returns token object
/*
token object
{
	token: "eyJhbGciOiJIUzI1NiJ9..."
	createdAt: 1704565660735
}
*/

jwt.login // optional middleware to be used with a login route i.e. app
jwt.authenticateToken // middleware to be used with app.use(jwt.authenticateToken)