import logging
from typing import Any

import pendulum
from jose import JWTError, jwt

from app.config import get_settings

logger = logging.getLogger(f"{__name__}.auth")

settings = get_settings()


def create_token(user_data: dict[str, Any]) -> str:
    """
    Create JWT token for user

    Args:
        user_data: User information to encode in token

    Returns:
        JWT token string
    """
    payload = {**user_data, "exp": pendulum.now("UTC").add(days=7).int_timestamp}
    token = jwt.encode(payload, settings.secret_key, algorithm="HS256")
    return token


def verify_token(token: str) -> dict[str, Any]:
    """
    Verify and decode JWT token

    Args:
        token: JWT token string

    Returns:
        Decoded token payload

    Raises:
        JWTError: If token is invalid or expired
    """
    try:
        payload = jwt.decode(token, settings.secret_key, algorithms=["HS256"])
        return payload
    except JWTError as e:
        logger.warning(f"Invalid token: {e}")
        raise