"""
JWT 토큰 유틸리티
"""

from datetime import datetime, timedelta, timezone

from jose import JWTError, jwt

from config import security_settings


def create_access_token(data: dict) -> str:
    """JWT 액세스 토큰 생성"""
    to_encode = data.copy()
    expire = datetime.now(timezone.utc) + timedelta(minutes=security_settings.JWT_EXPIRE_MINUTES)
    to_encode.update({"exp": expire})
    return jwt.encode(
        to_encode,
        security_settings.JWT_SECRET,
        algorithm=security_settings.JWT_ALGORITHM,
    )


def decode_access_token(token: str) -> dict | None:
    """JWT 액세스 토큰 디코딩"""
    try:
        payload = jwt.decode(
            token,
            security_settings.JWT_SECRET,
            algorithms=[security_settings.JWT_ALGORITHM],
        )
        return payload
    except JWTError:
        return None