package system

import (
	"errors"
	"gin-admin/internal/core/config"
	"gin-admin/internal/repository"
	"gin-admin/pkg/auth"
	"gin-admin/pkg/encrypt"
	"gorm.io/gorm"

	systemrepository "gin-admin/internal/repository/system"
)

// @Author: yv1ing
// @Author: me@yvling.cn
// @Date: 2025/8/28 16:30
// @Desc: 系统用户服务实现

// SysUserLogin 系统用户登录
func SysUserLogin(username, password string) (string, error) {
	user, err := systemrepository.GetUserByUsername(repository.Repo.DB, username)
	if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
		return "", errors.New("系统内部错误")
	}

	if errors.Is(err, gorm.ErrRecordNotFound) || encrypt.Sha256String(password, config.Config.SecretKey) != user.Password {
		return "", nil
	}

	if !user.IsActive {
		return "", errors.New("用户已被禁用")
	}

	jwtToken, err := auth.CreateAccessToken(user.ID, user.Username, config.Config.SecretKey)
	if err != nil {
		return "", errors.New("系统内部错误")
	}

	return jwtToken, nil
}