module-farmasi/server/utils/sessionStore.ts

// server/utils/sessionStore.ts
// Simple in-memory session store (for development)
// In production, use Redis or a database

import { getCookie } from 'h3'
import { randomBytes } from 'crypto'
import type { SessionData } from '~/types/auth';



const sessions = new Map<string, SessionData>();

// Clean up expired sessions every 5 minutes
setInterval(() => {
    const now = Date.now();
    for (const [sessionId, session] of sessions.entries()) {
        if (session.expiresAt < now) {
            sessions.delete(sessionId);
        }
    }
}, 5 * 60 * 1000);

export function createUserSession(data: Omit<SessionData, 'createdAt'>): string {
    // Generate a secure random session ID
    const sessionId = randomBytes(32).toString('hex');
    const sessionData: SessionData = {
        ...data
    };
    sessions.set(sessionId, sessionData);
    return sessionId;
}

export function getUserSession(sessionId: string): SessionData | null {
    const session = sessions.get(sessionId);
    if (!session) {
        return null;
    }

    if (session.expiresAt <= Date.now()) {
        sessions.delete(sessionId);
        return null;
    }
    
    return session;
}

export function deleteUserSession(sessionId: string): void {
    sessions.delete(sessionId);
}

export function updateUserSession(sessionId: string, updates: Partial<SessionData>): boolean {
    const session = sessions.get(sessionId);
    if (!session) {
        return false;
    }
    
    // Update the session with new data
    const updatedSession = {
        ...session,
        ...updates,
    };
    
    sessions.set(sessionId, updatedSession);
    return true;
}

// Helper function to get session from cookie (for use in API handlers)
export async function getUserSessionFromCookie(event: any): Promise<SessionData | null> {
    const sessionId = getCookie(event, 'user_session');
    if (!sessionId) {
        return null;
    }
    return getUserSession(sessionId);
}