lunarfront-app/packages/backend/src/services/settings.service.ts

import { eq } from 'drizzle-orm'
import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js'
import { appSettings } from '../db/schema/settings.js'
import { encrypt, decrypt } from '../utils/encryption.js'

export const SettingsService = {
  async get(db: PostgresJsDatabase<any>, key: string): Promise<string | null> {
    const [row] = await db
      .select()
      .from(appSettings)
      .where(eq(appSettings.key, key))
      .limit(1)

    if (!row || row.value === null) return null
    if (row.isEncrypted && row.iv) return decrypt(row.value, row.iv)
    return row.value
  },

  async set(db: PostgresJsDatabase<any>, key: string, value: string, encrypted = false): Promise<void> {
    let storedValue = value
    let iv: string | null = null

    if (encrypted) {
      const result = encrypt(value)
      storedValue = result.ciphertext
      iv = result.iv
    }

    await db
      .insert(appSettings)
      .values({ key, value: storedValue, isEncrypted: encrypted, iv, updatedAt: new Date() })
      .onConflictDoUpdate({
        target: appSettings.key,
        set: { value: storedValue, isEncrypted: encrypted, iv, updatedAt: new Date() },
      })
  },

  async delete(db: PostgresJsDatabase<any>, key: string): Promise<void> {
    await db.delete(appSettings).where(eq(appSettings.key, key))
  },
}