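/**
 * Cookie-based session store for mapping HTTP cookies to OAuth sessions.
 *
 * This provides a lightweight layer between HTTP cookies and the OAuth library's
 * session store (which is indexed by DID). The cookie value is a random token
 * that maps to a DID, allowing us to restore the OAuth session.
 */

import { TTLStore } from "./ttl-store.js";

/**
 * Session cookie data structure.
 * Maps cookie value to DID for OAuth session retrieval.
 */
export interface CookieSession {
  /** User's AT Proto DID (used to restore OAuth session) */
  did: string;
  /** User's handle (for display purposes) */
  handle?: string;
  /** Session expiration timestamp */
  expiresAt: Date;
  /** Session creation timestamp */
  createdAt: Date;
}

/**
 * Simple cookie-based session store.
 * Maps cookie tokens to DIDs for OAuth session restoration.
 *
 * WARNING: Sessions are lost on server restart.
 * Only suitable for single-instance deployments.
 * Use Redis-backed store for production.
 *
 * Security notes:
 * - This class neither generates nor validates tokens. The token alone selects
 *   the session, so callers must supply a high-entropy, unguessable value.
 * - Expiry is enforced on every read in {@link CookieSessionStore.get}, so an
 *   entry past its `expiresAt` is never returned, regardless of when the
 *   underlying TTLStore evicts it.
 */
export class CookieSessionStore {
  private readonly store: TTLStore;

  /**
   * Creates the backing TTLStore with an expiry predicate based on
   * `expiresAt`. The second argument is a label string; presumably used by
   * TTLStore for logging or metrics (confirm in ./ttl-store.js).
   */
  constructor() {
    this.store = new TTLStore(
      (session) => session.expiresAt < new Date(),
      "cookie_session_store"
    );
  }

  /**
   * Stores a session under the given cookie token, replacing whatever the
   * backing store held for that token.
   *
   * @param token - Cookie value identifying the session.
   * @param session - Session data to associate with the token.
   */
  set(token: string, session: CookieSession): void {
    this.store.set(token, session);
  }

  /**
   * Looks up the session for a cookie token.
   *
   * @param token - Cookie value presented by the client.
   * @returns The session, or `null` when the token is unknown or the session
   *   has expired.
   */
  get(token: string): CookieSession | null {
    const session: CookieSession | null = this.store.get(token) ?? null;
    if (session === null) {
      return null;
    }

    // TTLStore's eviction timing is not visible from this file; it may only
    // sweep periodically. Re-check expiry here with the same predicate the
    // constructor registers, so an expired token is never honoured.
    if (session.expiresAt < new Date()) {
      this.store.delete(token);
      return null;
    }

    return session;
  }

  /**
   * Removes the session for a cookie token (e.g. on logout).
   *
   * @param token - Cookie value whose session should be dropped.
   */
  delete(token: string): void {
    this.store.delete(token);
  }

  /**
   * Delegates to TTLStore.destroy(). Presumably releases timers and clears
   * entries; confirm in ./ttl-store.js.
   */
  destroy(): void {
    this.store.destroy();
  }
}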