import { API_BASE_URL } from "./api"; const AUTH_TOKEN_KEY = "auth_token"; const AUTH_USER_KEY = "auth_user"; export interface AuthUser { id?: string; name?: string; email?: string; role?: string; permissions?: string[]; roleId?: string; userName?: string; phone?: string; [key: string]: unknown; } export interface LoginResponse { token: string; user: AuthUser; } export function getStoredToken() { if (typeof window === "undefined") return null; return localStorage.getItem(AUTH_TOKEN_KEY); } export function getStoredUser(): AuthUser | null { if (typeof window === "undefined") return null; const raw = localStorage.getItem(AUTH_USER_KEY); if (!raw) return null; try { return JSON.parse(raw) as AuthUser; } catch { return null; } } export function saveAuth(token: string, user: AuthUser) { if (typeof window === "undefined") return; localStorage.setItem(AUTH_TOKEN_KEY, token); localStorage.setItem(AUTH_USER_KEY, JSON.stringify(user)); } export function clearAuth() { if (typeof window === "undefined") return; localStorage.removeItem(AUTH_TOKEN_KEY); localStorage.removeItem(AUTH_USER_KEY); } export async function loginUser(identity: string, password: string) { const response = await fetch(`${API_BASE_URL}/v1/auth/login`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ identity, password }), }); const payload = (await response.json().catch(() => ({}))) as { success?: boolean; message?: string; data?: { token?: string; user?: AuthUser; }; token?: string; user?: AuthUser; }; if (!response.ok) { throw new Error(payload.message || "Login failed. Please check your credentials."); } const token = payload.data?.token ?? payload.token; const user = payload.data?.user ?? payload.user; if (!token || !user) { throw new Error("The server did not return a valid session payload."); } const rolePermissions = (user as { role?: { permissions?: Array<{ permission?: { slug?: string } }> } }).role?.permissions ?? []; const permissions = Array.isArray(rolePermissions) ? rolePermissions .map((entry) => entry?.permission?.slug) .filter((slug): slug is string => Boolean(slug)) : []; saveAuth(token, { ...user, permissions }); return { token, user: { ...user, permissions } } as LoginResponse; }