-module(logic_auth_tests).
-include_lib("eunit/include/eunit.hrl").

logic_auth_test_() ->
  [
    {"Password hash test", fun test_password_hash/0},
    {"JWT generate and verify test", fun test_jwt/0},
    {"JWT expired test", fun test_jwt_expired/0},
    {"Refresh token test", fun test_refresh_token/0}
  ].

test_password_hash() ->
  Password = <<"secret123">>,
  {ok, Hash} = logic_auth:hash_password(Password),
  ?assert(is_binary(Hash)),
  {ok, true} = logic_auth:verify_password(Password, Hash),
  {ok, false} = logic_auth:verify_password(<<"wrong">>, Hash).

test_jwt() ->
  UserId = <<"user123">>,
  Role = user,

  Token = logic_auth:generate_jwt(UserId, Role),
  ?assert(is_binary(Token)),

  {ok, Claims} = logic_auth:verify_jwt(Token),
  ?assertEqual(UserId, maps:get(<<"user_id">>, Claims)),
  ?assertEqual(<<"user">>, maps:get(<<"role">>, Claims)),
  ?assert(maps:is_key(<<"exp">>, Claims)),
  ?assert(maps:is_key(<<"iat">>, Claims)),

  % Проверка невалидного токена
  {error, invalid_token} = logic_auth:verify_jwt(<<"invalid.token.here">>).

test_jwt_expired() ->
  % Пропускаем для простоты, так как требует мока времени
  ok.

test_refresh_token() ->
  {Token, ExpiresAt} = logic_auth:generate_refresh_token(<<"user123">>),
  ?assert(is_binary(Token)),
  ?assert(size(Token) >= 32),
  ?assert(is_tuple(ExpiresAt)),
  % Проверяем, что срок действия в будущем
  Now = calendar:universal_time(),
  ?assert(ExpiresAt > Now).