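from flask_jwt import JWT
import hmac
import hashlib

from app.settings import app_cfg
from app.sql.common import db, Session, User


def encrypt_password(cleartext):
    """Return the hex HMAC-SHA256 of ``cleartext`` keyed with the app secret.

    Despite the name this is a keyed hash, not encryption: the result cannot
    be turned back into the password.

    NOTE(security): a single HMAC-SHA256 pass is fast and uses no per-user
    salt, so equal passwords give equal stored values and anyone holding the
    key can test guesses offline at hash speed. A dedicated password KDF
    (for example ``hashlib.scrypt`` or ``hashlib.pbkdf2_hmac``) with a
    per-user salt would be stronger, but switching changes every stored hash
    and needs a migration, so the scheme is left as it is here.
    NOTE(review): the key is named ``TOKEN_SECRET_BYTES``; presumably it is
    also the JWT signing secret. Confirm, and prefer a separate key per
    purpose.

    Args:
        cleartext: The password as text.

    Returns:
        The 64-character lowercase hex digest.

    Raises:
        ValueError: If a character has a code point above 255, since each
            character is mapped to exactly one byte.
    """
    # One byte per character; bytearray() rejects values outside 0..255.
    clearbytes = bytearray(map(ord, cleartext))
    return hmac.new(
        app_cfg.TOKEN_SECRET_BYTES, clearbytes, hashlib.sha256
    ).hexdigest()


def authenticate(username, password):
    """Look up ``username`` and check ``password`` against the stored hash.

    Args:
        username: The login name to search for.
        password: The cleartext password supplied by the client.

    Returns:
        The matching ``User`` when the password hash matches, else ``None``.
    """
    # The hash is computed before the lookup, so the hashing step runs
    # whether or not the username exists.
    try:
        candidate = encrypt_password(password)
    except ValueError:
        # A password that cannot be hashed is treated as a failed login
        # rather than an unhandled error on client-supplied input.
        return None

    session = Session()
    try:
        user = session.query(User).filter(User.username == username).first()
    finally:
        # Release the session even when the query raises.
        session.close()

    if user is None:
        return None

    # Constant-time comparison, so the result does not leak how many leading
    # characters of the digest matched.
    # NOTE(review): assumes user.password holds the hex digest as text.
    stored = user.password.encode('utf-8')
    if hmac.compare_digest(stored, candidate.encode('utf-8')):
        return user
    return None


def identity(payload):
    """Load the user named by a decoded JWT payload.

    Args:
        payload: The decoded token payload; its ``'identity'`` entry is used
            as the primary key of the user.

    Returns:
        The ``User`` with that primary key, or ``None`` if there is none.

    Raises:
        KeyError: If the payload has no ``'identity'`` entry.
    """
    user_id = payload['identity']
    session = Session()
    try:
        return session.query(User).get(user_id)
    finally:
        # Release the session even when the lookup raises.
        session.close()


def setup_jwt(app):
    """Attach Flask-JWT to ``app`` using the handlers defined in this module.

    Args:
        app: The Flask application to configure.

    Returns:
        The ``JWT`` extension object.
    """
    return JWT(app, authenticate, identity)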