class JwtService
{
    private $secretKey;

    public function __construct()
    {
        $this->secretKey = $_ENV['APP_SECRET'];
    }

    public function generateToken(UserInterface $user, int $expiration = 3600): string
    {
        $payload = [
            'sub' => $user->getUserIdentifier(),
            'exp' => time() + $expiration,
        ];

        return JWT::encode($payload, $this->secretKey, 'HS256');
    }

    public function validateToken(string $token): bool
    {
        try {
            JWT::decode($token, new Key($this->secretKey, 'HS256'));
            return true;
        } catch (Exception $e) {
            return false;
        }
    }
}