import { defineGraphqlServerOptions } from "nuxt-graphql-middleware/server-options";
import { jwtDecode } from "jwt-decode";

interface DecodedToken {
  exp: number;
}

async function refreshAuthToken(refreshToken: string): Promise<string | null> {
  const refreshResponse = await useGraphqlMutation("refreshJwtAuthToken", { refreshToken });
  return refreshResponse.data?.refreshJwtAuthToken?.authToken || null;
}

export default defineGraphqlServerOptions({
  async serverFetchOptions(event) {
    const session = await getUserSession(event);
    if (!session?.secure?.authToken) return {};

    const decoded = jwtDecode<DecodedToken>(session.secure.authToken);
    const isExpired = decoded.exp * 1000 < Date.now();
    if (isExpired) {
      const newToken = await refreshAuthToken(session.secure.refreshToken);
      if (newToken) {
        session.secure.authToken = newToken;
      }
    }

    return { headers: { Authorization: `Bearer ${session.secure.authToken}` } };
  },
});