const { buildSchema } = require('graphql');
const jwt         = require('jsonwebtoken')

module.exports = ({Savable, secret}) => {
    class User extends Savable {
        async getACL(){
            return [this._id.toString(), "user"]
        }
    }
    Savable.addClass(User)

    const anonResolvers = {
        createUser:async function ({login, password}){
            let user =  await Savable.m.User.findOne({login, password})
            if (user)
                return null;
            user = await (new User({login, password})).save()

            user.___owner = user._id.toString()
            user.___permissions = {
                read: ["owner", "user"]
            }

            return await user.save()
        },

        async login({login, password}){
            const user =  await Savable.m.User.findOne({login, password})
            if (!user)
                return null;

            const token = jwt.sign({ sub: {id: user._id, login, acl: await user.getACL()}}, secret); //подписывам токен нашим ключем
            return token
        },

        changePassword:async function ({login, password, newPassword}){
            const user =  await Savable.m.User.findOne({login, password})
            if (!user) return null;
            user.password = newPassword;
            return await user.save()
        },
    }

    const anonSchema = buildSchema(`
        type Query {
            login(login: String!, password: String!): String
        }
        type Mutation {
            createUser(login: String!, password: String!): User
            changePassword(login: String!, password: String!, newPassword: String!): User
        }

        type User {
             _id: String
             login: String
        }
    `)
    return {anonResolvers, anonSchema}
}