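"""Minimal Flask login service that issues short-lived HS256 JWTs.

Exposes ``POST /login``, which checks an e-mail/password pair against the
user record returned by ``dao.get_user_by_email`` and, on success, returns
a signed token carrying the user id and a one-hour expiry.
"""
import os
import secrets
from datetime import datetime, timedelta, timezone

import jwt
from flask import Flask, request, jsonify
from werkzeug.security import generate_password_hash, check_password_hash

from dao import get_user_by_email

app = Flask(__name__)

# SECURITY: every token this service issues is authenticated only by this
# HMAC key, so anyone who knows it can mint a valid token for any user_id.
# The literal below is a publicly guessable placeholder. Supply a long random
# value through the SECRET_KEY environment variable; the placeholder is kept
# only as a fallback so existing development setups keep starting.
_PLACEHOLDER_SECRET = 'your_secret_key'
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or _PLACEHOLDER_SECRET
if app.config['SECRET_KEY'] == _PLACEHOLDER_SECRET:
    app.logger.warning(
        'SECRET_KEY is the built-in placeholder; issued tokens are forgeable. '
        'Set the SECRET_KEY environment variable before deploying.'
    )

# Hash of a random throwaway password. login() verifies against it when the
# e-mail is unknown, so the "no such user" path performs a hash check too and
# response time does not trivially reveal which addresses are registered.
# NOTE(review): the timing only matches if stored hashes use the same
# werkzeug method and parameters as generate_password_hash's default; confirm.
_DUMMY_PASSWORD_HASH = generate_password_hash(secrets.token_hex(16))


def create_token(user_id):
    """Return a signed HS256 JWT for *user_id* that expires in one hour.

    Args:
        user_id: Identifier stored in the token's ``user_id`` claim.

    Returns:
        The encoded token as produced by ``jwt.encode``.
    """
    payload = {
        'user_id': user_id,
        # Timezone-aware replacement for the deprecated datetime.utcnow();
        # the resulting "exp" timestamp is the same.
        'exp': datetime.now(timezone.utc) + timedelta(hours=1),
    }
    return jwt.encode(payload, app.config['SECRET_KEY'], algorithm='HS256')


@app.route('/login', methods=['POST'])
def login():
    """Authenticate an e-mail/password pair and return a JWT.

    Expects a JSON object with string fields ``email`` and ``senha``.

    Returns:
        200 with ``{'token': ...}`` on success,
        400 with a message when the body is not a JSON object or a field is
        missing or not a string,
        401 with a generic message when the credentials do not match.
    """
    # silent=True turns a missing or malformed JSON body into None, so every
    # malformed request gets the same 400 below.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        # A JSON array or scalar would otherwise fail on data['email'] and
        # surface as a 500.
        return jsonify({'message': 'Missing email or password'}), 400

    email = data.get('email')
    senha = data.get('senha')
    if not isinstance(email, str) or not isinstance(senha, str):
        # Rejects absent fields as well as null, numbers and nested objects
        # before they reach the DAO or the hash comparison.
        return jsonify({'message': 'Missing email or password'}), 400

    user = get_user_by_email(email)

    # Always run one hash verification, whether or not the account exists.
    stored_hash = user['senha_hash'] if user else _DUMMY_PASSWORD_HASH
    password_ok = check_password_hash(stored_hash, senha)

    if user and password_ok:
        return jsonify({'token': create_token(user['id'])})

    # One generic message for "unknown user" and "wrong password".
    # NOTE(review): no rate limiting or lockout is visible in this file;
    # confirm that repeated failed attempts are throttled elsewhere.
    return jsonify({'message': 'Invalid credentials'}), 401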