cre-sync/lib/auth/session.ts

import { cookies } from 'next/headers';
import { verifyToken, JWTPayload } from './jwt';
import { prisma } from '@/lib/db';
import { User, Role } from '@/types';

const SESSION_COOKIE_NAME = 'cresync_session';

export async function getSession(): Promise<{ user: User } | null> {
  const cookieStore = await cookies();
  const token = cookieStore.get(SESSION_COOKIE_NAME)?.value;

  if (!token) return null;

  try {
    const payload = verifyToken(token);

    const user = await prisma.user.findUnique({
      where: { id: payload.userId },
      select: {
        id: true,
        email: true,
        role: true,
        firstName: true,
        lastName: true,
        brokerage: true,
        ghlLocationId: true,
        createdAt: true,
      },
    });

    if (!user) return null;

    return {
      user: {
        id: user.id,
        email: user.email,
        role: user.role as Role,
        firstName: user.firstName ?? undefined,
        lastName: user.lastName ?? undefined,
        brokerage: user.brokerage ?? undefined,
        ghlLocationId: user.ghlLocationId ?? undefined,
        createdAt: user.createdAt,
      }
    };
  } catch {
    return null;
  }
}

export async function setSessionCookie(token: string): Promise<void> {
  const cookieStore = await cookies();
  cookieStore.set(SESSION_COOKIE_NAME, token, {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'lax',
    maxAge: 60 * 60 * 24 * 7, // 7 days
    path: '/',
  });
}

export async function clearSessionCookie(): Promise<void> {
  const cookieStore = await cookies();
  cookieStore.delete(SESSION_COOKIE_NAME);
}