#!/bin/bash

# Script to change MQTT Admin Password
# Usage: ./change-mqtt-admin-password.sh <new-password>

set -e

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Check if password argument is provided
if [ -z "$1" ]; then
    echo -e "${RED}Error: No password provided${NC}"
    echo "Usage: $0 <new-password>"
    exit 1
fi

NEW_PASSWORD="$1"

# Validate password (minimum 8 characters recommended)
if [ ${#NEW_PASSWORD} -lt 8 ]; then
    echo -e "${YELLOW}Warning: Password is shorter than 8 characters${NC}"
    read -p "Continue anyway? (y/n) " -n 1 -r
    echo
    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
        exit 1
    fi
fi

echo -e "${GREEN}Starting MQTT Admin Password Change...${NC}"
echo

# Step 1: Update .env file
echo -e "${YELLOW}Step 1: Updating .env file...${NC}"

if [ ! -f .env ]; then
    echo -e "${RED}Error: .env file not found${NC}"
    exit 1
fi

# Check if MQTT_ADMIN_PASSWORD exists in .env
if grep -q "^MQTT_ADMIN_PASSWORD=" .env; then
    # Update existing password
    sed -i "s/^MQTT_ADMIN_PASSWORD=.*/MQTT_ADMIN_PASSWORD=${NEW_PASSWORD}/" .env
    echo -e "${GREEN}✓ Updated MQTT_ADMIN_PASSWORD in .env${NC}"
else
    # Add password if it doesn't exist
    echo "MQTT_ADMIN_PASSWORD=${NEW_PASSWORD}" >> .env
    echo -e "${GREEN}✓ Added MQTT_ADMIN_PASSWORD to .env${NC}"
fi

echo

# Step 2: Restart containers
echo -e "${YELLOW}Step 2: Restarting containers...${NC}"
docker-compose restart
echo -e "${GREEN}✓ Containers restarted${NC}"
echo

# Step 3: Wait for app to be ready
echo -e "${YELLOW}Step 3: Waiting for app to be ready...${NC}"
sleep 5
echo -e "${GREEN}✓ App should be ready${NC}"
echo

# Step 4: Trigger sync via internal Node.js script
echo -e "${YELLOW}Step 4: Triggering MQTT configuration sync...${NC}"

# Create a temporary Node.js script to trigger sync
cat > /tmp/trigger-mqtt-sync.js << 'EOF'
// Trigger MQTT Sync from inside the container
async function triggerSync() {
  try {
    // Import the sync function
    const { syncMosquittoConfig } = require('./lib/mosquitto-sync');

    console.log('Triggering Mosquitto sync...');
    const result = await syncMosquittoConfig();

    if (result.success) {
      console.log('✓ Sync successful');
      console.log('Message:', result.message);
      process.exit(0);
    } else {
      console.error('✗ Sync failed');
      console.error('Message:', result.message);
      process.exit(1);
    }
  } catch (error) {
    console.error('✗ Sync error:', error.message);
    process.exit(1);
  }
}

triggerSync();
EOF

# Copy script into container and execute
docker cp /tmp/trigger-mqtt-sync.js location-tracker:/app/trigger-mqtt-sync.js

# Execute the sync script inside the container
if docker exec location-tracker node trigger-mqtt-sync.js; then
    echo -e "${GREEN}✓ MQTT configuration synced successfully${NC}"
else
    echo -e "${RED}✗ Sync failed, but password is updated in .env${NC}"
    echo -e "${YELLOW}You can manually trigger sync from the Admin Panel${NC}"
fi

# Cleanup
docker exec location-tracker rm -f trigger-mqtt-sync.js
rm -f /tmp/trigger-mqtt-sync.js

echo
echo -e "${GREEN}========================================${NC}"
echo -e "${GREEN}MQTT Admin Password Change Complete!${NC}"
echo -e "${GREEN}========================================${NC}"
echo
echo -e "New password: ${YELLOW}${NEW_PASSWORD}${NC}"
echo
echo -e "${YELLOW}Note:${NC} All MQTT connections using the old admin password will need to reconnect."
echo