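package nl.veenm.paypoint.service;

import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.transaction.Transactional;
import jakarta.ws.rs.core.Response;
import nl.veenm.paypoint.domain.InviteEntity;
import nl.veenm.paypoint.domain.InviteRequest;
import nl.veenm.paypoint.repository.InviteRepository;

import java.security.SecureRandom;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Base64;

/**
 * Issues, mails and verifies invitation tokens.
 *
 * <p>An invite is a random, URL-safe token stored together with a company id, an e-mail
 * address, a "used" flag and an expiry instant.
 */
@ApplicationScoped
public class AgendaService {

    /** Number of random bytes per token (24 bytes = 192 bits, 32 Base64url characters). */
    private static final int TOKEN_BYTES = 24;

    /** How long a freshly created invite stays valid. */
    private static final long INVITE_VALIDITY_HOURS = 1L;

    @Inject
    EmailService emailService;

    @Inject
    InviteRepository inviteRepository;

    /**
     * Hands the invitation over to {@link EmailService#stuurUitnodiging}.
     *
     * @param email recipient address
     * @param url   link that is passed on to the mail service
     */
    public void sendInvite(String email, String url) {
        // NOTE(review): url is forwarded without any check here; presumably the caller builds it
        // from a trusted base URL plus the token — confirm.
        this.emailService.stuurUitnodiging(email, url);
    }

    /**
     * Creates and persists a new, unused invite that expires after
     * {@link #INVITE_VALIDITY_HOURS} hour(s).
     *
     * @param inviteRequest carries the company id and e-mail address of the invitee
     * @return the persisted invite, including its token
     */
    @Transactional
    public InviteEntity createInvite(InviteRequest inviteRequest) {
        String token = generateSecureToken();

        // Read the clock once so that expiresAt is exactly createdAt + validity;
        // two separate Instant.now() calls would drift apart.
        Instant now = Instant.now();

        InviteEntity invite = new InviteEntity();
        invite.setCompany_id(inviteRequest.companyId);
        invite.setEmail(inviteRequest.email);
        // NOTE(review): the token is stored as generated. Storing only a digest of it would limit
        // the impact of a database read-out — worth considering.
        invite.setToken(token);
        invite.setUsed(false);
        invite.setCreatedAt(now);
        invite.setExpiresAt(now.plus(INVITE_VALIDITY_HOURS, ChronoUnit.HOURS)); // valid for 1 hour

        inviteRepository.persist(invite);
        return invite;
    }

    /**
     * Generates an unguessable token from {@link SecureRandom}.
     *
     * @return {@link #TOKEN_BYTES} random bytes, Base64url-encoded without padding
     */
    public String generateSecureToken() {
        byte[] randomBytes = new byte[TOKEN_BYTES];
        new SecureRandom().nextBytes(randomBytes);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(randomBytes);
    }

    /**
     * Looks up an invite by token and reports whether it can still be used.
     *
     * <p>This method only reads the invite; it never marks it as used. Single-use enforcement
     * therefore has to happen wherever the invite is redeemed.
     *
     * @param token the token taken from the invitation link
     * @return 400 for a missing, unknown or already used token, 410 for an expired invite,
     *     otherwise 200 with the invite as entity
     */
    public Response verifyInvite(String token) {
        // Reject an absent or blank token before it reaches the repository query.
        if (token == null || token.isBlank()) {
            return Response.status(Response.Status.BAD_REQUEST)
                    .entity("Ongeldige of reeds gebruikte uitnodiging")
                    .build();
        }

        InviteEntity invite = inviteRepository.findByToken(token);

        // Unknown and already used tokens get the same answer on purpose: the response does not
        // reveal which of the two applies.
        if (invite == null || invite.isUsed()) {
            return Response.status(Response.Status.BAD_REQUEST)
                    .entity("Ongeldige of reeds gebruikte uitnodiging")
                    .build();
        }

        if (invite.getExpiresAt().isBefore(Instant.now())) {
            return Response.status(Response.Status.GONE)
                    .entity("Deze uitnodiging is verlopen")
                    .build();
        }

        // NOTE(review): the whole InviteEntity is returned, so every field it serialises
        // (token, e-mail, company id) reaches the client — consider a narrower response type.
        return Response.ok(invite).build();
    }
}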