import { FastifyInstance, FastifyRequest, FastifyReply } from 'fastify';
import fp from 'fastify-plugin';
import { env } from '../config/env';

declare module '@fastify/jwt' {
  interface FastifyJWT {
    payload: {
      id: number;
      email: string;
      name: string;
      role: string;
      tenantId: number;
    };
  }
}

declare module 'fastify' {
  interface FastifyRequest {
    tenantId?: number;
  }
  
  interface FastifyInstance {
    authenticate: (request: FastifyRequest, reply: FastifyReply) => Promise<void>;
  }
}

export default fp(async (fastify: FastifyInstance) => {
  fastify.decorate('authenticate', async (request: FastifyRequest, reply: FastifyReply) => {
    try {
      await request.jwtVerify();
      
      const user = request.user as any;
      if (!user?.tenantId) {
        return reply.status(401).send({ error: 'Token inválido' });
      }
      
      request.tenantId = user.tenantId;
    } catch (err) {
      return reply.status(401).send({ error: 'No autorizado' });
    }
  });
});