import { SignJWT, jwtVerify } from 'jose'; const JWT_SECRET = process.env.JWT_SECRET || 'fallback_secret_key_change_me'; const secretKey = new TextEncoder().encode(JWT_SECRET); export async function signToken(payload: any) { return await new SignJWT(payload) .setProtectedHeader({ alg: 'HS256' }) .setIssuedAt() .setExpirationTime('24h') .sign(secretKey); } export async function verifyToken(token: string) { try { const { payload } = await jwtVerify(token, secretKey); return payload; } catch (error) { return null; } }