package csrf

import (
	"crypto/md5"
	"fmt"
	"strconv"
	"time"
)

// a CSRF key is valid for the current time, route, and user.
func (c CSRF) AuthMake(userID string, routeName string) string {
	// h := sha256.New()
	// h.Write([]byte(userID + routeName + CSRFKey + strconv.Itoa(time.Now().Hour())))
	// return fmt.Sprintf("%x", h.Sum(nil))
	minfactor := strconv.Itoa(time.Now().Hour())
	res := fmt.Sprintf("%x", md5.Sum([]byte(userID+routeName+c.CSRFKey+minfactor)))
	return res
}