logbuch/lib/auth.ts

import bcrypt from 'bcryptjs';
import { getBeoByKuerzel, getBeoByName } from './phpdb';

export type { Beo } from './phpdb';
import type { Beo } from './phpdb';

export async function getBeoByLogin(login: string): Promise<Beo | null> {
  const byKuerzel = await getBeoByKuerzel(login);
  if (byKuerzel) return byKuerzel;
  return getBeoByName(login);
}

export async function verifyCredentials(
  login: string,
  password: string
): Promise<{ beo: Beo; valid: boolean } | null> {
  const beo = await getBeoByLogin(login);
  if (!beo) return null;

  if (!beo.pw) {
    const defaultPw = process.env.DEFAULT_PASSWORD;
    if (!defaultPw) throw new Error('DEFAULT_PASSWORD Umgebungsvariable ist nicht gesetzt!');
    return { beo, valid: password === defaultPw };
  }

  const valid = await bcrypt.compare(password, beo.pw);
  return { beo, valid };
}

export async function hashPassword(password: string): Promise<string> {
  return bcrypt.hash(password, 12);
}

export function getBeoDisplayName(beo: Beo): string {
  return beo.vorname ? `${beo.vorname} ${beo.name}` : beo.name;
}