import Amplify from "@aws-amplify/core";
import Auth from "@aws-amplify/auth";
import type {CognitoAccessToken, CognitoUser} from "amazon-cognito-identity-js";

Amplify.configure({
  Auth: {
    region: process.env.AWS_AMPLIFY_REGION,
    userPoolId: process.env.AWS_AMPLIFY_USER_POOL_ID,
    userPoolWebClientId: process.env.AWS_AMPLIFY_USER_POOL_WEB_CLIENT_ID,
  },
});

export async function signIn(username: string, password: string): Promise<CognitoUser | null> {
  const u = await Auth.signIn(username, password);
  return u || null;
}

export async function signOut(): Promise<void> {
  await Auth.signOut();
}

async function getAccessToken(): Promise<CognitoAccessToken | null> {
  try {
    const u = await Auth.currentSession();
    if (!u || !u.isValid()) {
      return null;
    }

    return u.getIdToken();
  } catch (e) {
    return null;
  }
}

export async function getJwt(): Promise<string> {
  const token = await getAccessToken();
  if (!token) {
    throw new Error("unauthorized");
  }

  return token.getJwtToken();
}

export async function checkSession(): Promise<boolean> {
  return !!(await getAccessToken());
}