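# -*- coding: utf-8 -*-
"""Authentication utilities."""

import hashlib
import hmac
import sqlite3
from contextlib import closing

from config import Config


def hash_password(password):
    """Return the hex-encoded SHA-256 digest of *password*.

    Args:
        password: Plain-text password as ``str``; it is UTF-8 encoded
            before hashing.

    Returns:
        A 64-character lowercase hexadecimal string.
    """
    # NOTE(review): a single unsalted SHA-256 pass is a weak password hash:
    # it is cheap to brute-force offline if the users table leaks, and equal
    # passwords produce equal hashes. Moving to a salted, deliberately slow
    # KDF (hashlib.scrypt or hashlib.pbkdf2_hmac) changes the stored format
    # and needs a rehash-on-login migration, so the output is left unchanged
    # here to keep existing rows verifiable.
    return hashlib.sha256(password.encode()).hexdigest()


def verify_password(password, stored_hash):
    """Check *password* against a hash produced by ``hash_password``.

    Args:
        password: Plain-text password supplied by the caller.
        stored_hash: Hex digest previously stored for the account.

    Returns:
        ``True`` when the digests match, ``False`` otherwise (including
        when *stored_hash* is not a string, e.g. a NULL column).
    """
    candidate = hash_password(password)
    if not isinstance(stored_hash, str):
        return False
    # Compare in constant time so the position of the first differing
    # character is not observable through response timing. Both sides are
    # encoded to bytes because compare_digest rejects non-ASCII str input.
    return hmac.compare_digest(
        candidate.encode("utf-8"), stored_hash.encode("utf-8")
    )


def authenticate(username, password):
    """Look up *username* and validate *password* against the stored hash.

    Args:
        username: Account name; passed to SQLite as a bound parameter.
        password: Plain-text password to verify.

    Returns:
        ``{'id': ..., 'username': ...}`` for a valid login, otherwise
        ``None``. Unknown user and wrong password are not distinguished.
    """
    # closing() releases the connection even if the query raises; the
    # original only closed it on the success path.
    with closing(sqlite3.connect(Config.DATABASE_PATH)) as conn:
        cursor = conn.cursor()
        # Keep the username as a bound parameter; never format it into
        # the SQL text.
        cursor.execute(
            '''
            SELECT id, username, password_hash
            FROM users
            WHERE username = ?
            ''',
            (username,),
        )
        user = cursor.fetchone()

    if user and verify_password(password, user[2]):
        return {
            'id': user[0],
            'username': user[1]
        }
    return None


def is_logged_in(session):
    """Return ``True`` when *session* contains a ``'user_id'`` key."""
    return 'user_id' in session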