defmodule Mv.Membership.JoinRequest.Changes.SetConfirmationToken do
  @moduledoc """
  Hashes the confirmation token and sets expiry for the join request (submit flow).

  Reads the :confirmation_token argument, stores only its SHA256 hash and sets
  confirmation_token_expires_at (e.g. 24h). Raw token is never persisted.
  """
  use Ash.Resource.Change

  @confirmation_validity_hours 24

  @spec change(Ash.Changeset.t(), keyword(), Ash.Resource.Change.context()) :: Ash.Changeset.t()
  def change(changeset, _opts, _context) do
    token = Ash.Changeset.get_argument(changeset, :confirmation_token)

    if is_binary(token) and token != "" do
      hash = token_hash(token)
      expires_at = DateTime.utc_now() |> DateTime.add(@confirmation_validity_hours, :hour)

      changeset
      |> Ash.Changeset.force_change_attribute(:confirmation_token_hash, hash)
      |> Ash.Changeset.force_change_attribute(:confirmation_token_expires_at, expires_at)
      |> Ash.Changeset.force_change_attribute(:status, :pending_confirmation)
    else
      changeset
    end
  end

  defp token_hash(token) do
    :crypto.hash(:sha256, token) |> Base.encode16(case: :lower)
  end
end