CREATE FUNCTION _api.sign_jwt(
	_role TEXT,
	_user_id INTEGER
)
RETURNS sys.JWT
LANGUAGE plpgsql VOLATILE
AS $BODY$
DECLARE
	_jwt_secret TEXT;
	_token sys.JWT;
BEGIN
	SELECT jwt_secret INTO _jwt_secret
	FROM sys.database_info
	WHERE name = current_database();

	SELECT public.sign(
		row_to_json(r), _jwt_secret
	) INTO _token
	FROM (
		SELECT
			_role AS role,
			_user_id AS user_id,
			extract(epoch FROM now())::integer + (60 * 60 * 24) AS exp
	) r;

	RETURN _token;
END
$BODY$;

GRANT EXECUTE ON FUNCTION _api.sign_jwt(TEXT, INTEGER)
	TO rest_anon, rest_user;
GRANT SELECT ON TABLE sys.database_info
	TO rest_anon, rest_user;