#!/usr/bin/env tsx
/**
 * Script to create an admin user in Supabase Auth
 * 
 * Usage:
 *   tsx scripts/create-admin-user.ts <email> <password> [username]
 * 
 * Example:
 *   tsx scripts/create-admin-user.ts admin@example.com mySecurePassword123 admin
 */

// Load environment variables BEFORE importing Supabase
import * as dotenv from 'dotenv';
import path from 'node:path';
import fs from 'node:fs';

const envPaths = [
  path.resolve(process.cwd(), '.env.local'),
  path.resolve(process.cwd(), '.env'),
  path.resolve(__dirname, '..', '.env.local'),
  path.resolve(__dirname, '..', '.env'),
];

let envLoaded = false;
for (const envPath of envPaths) {
  if (fs.existsSync(envPath)) {
    dotenv.config({ path: envPath });
    envLoaded = true;
    console.log(`📁 Loaded environment from: ${envPath}`);
    break;
  }
}

if (!envLoaded) {
  console.warn(`⚠️  No .env file found. Checked: ${envPaths.join(', ')}`);
}

// Verify required Supabase env vars
if (!process.env.NEXT_PUBLIC_SUPABASE_URL) {
  console.error('❌ Error: NEXT_PUBLIC_SUPABASE_URL is required');
  console.error('   Please set it in .env.local');
  process.exit(1);
}

if (!process.env.SUPABASE_SERVICE_ROLE_KEY) {
  console.error('❌ Error: SUPABASE_SERVICE_ROLE_KEY is required');
  console.error('   Please set it in .env.local');
  console.error('');
  console.error('   You can find these values in your Supabase dashboard:');
  console.error('   - Project URL → NEXT_PUBLIC_SUPABASE_URL');
  console.error('   - Service Role Key → SUPABASE_SERVICE_ROLE_KEY');
  process.exit(1);
}

// Import Supabase directly to avoid ENV validation issues in scripts
import { createClient } from '@supabase/supabase-js';

const SUPABASE_URL = process.env.NEXT_PUBLIC_SUPABASE_URL;
const SUPABASE_SERVICE_ROLE_KEY = process.env.SUPABASE_SERVICE_ROLE_KEY;

if (!SUPABASE_URL || !SUPABASE_SERVICE_ROLE_KEY) {
  console.error('❌ Missing required Supabase environment variables');
  console.error(`   NEXT_PUBLIC_SUPABASE_URL: ${SUPABASE_URL ? '✅' : '❌'}`);
  console.error(`   SUPABASE_SERVICE_ROLE_KEY: ${SUPABASE_SERVICE_ROLE_KEY ? '✅' : '❌'}`);
  process.exit(1);
}

// Create Supabase admin client directly
const supabaseAdmin = createClient(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, {
  auth: {
    autoRefreshToken: false,
    persistSession: false,
  },
});

async function createAdminUser() {
  const args = process.argv.slice(2);
  
  if (args.length < 2) {
    console.error('Usage: tsx scripts/create-admin-user.ts <email> <password> [username]');
    console.error('');
    console.error('Example:');
    console.error('  tsx scripts/create-admin-user.ts admin@example.com mySecurePassword123 admin');
    process.exit(1);
  }

  const email = args[0];
  const password = args[1];
  const username = args[2] || email.split('@')[0];

  if (!email.includes('@')) {
    console.error('Error: Email must be a valid email address');
    process.exit(1);
  }

  if (password.length < 8) {
    console.error('Error: Password must be at least 8 characters long');
    process.exit(1);
  }

  try {
    console.log('Creating admin user in Supabase...');
    console.log(`  Email: ${email}`);
    console.log(`  Username: ${username}`);
    console.log('');
    console.log('Supabase Configuration:');
    console.log(`  URL: ${SUPABASE_URL?.substring(0, 50)}...`);
    console.log(`  Service Role Key: ${SUPABASE_SERVICE_ROLE_KEY ? '✅ Set' : '❌ Missing'}`);
    console.log('');
    
    const { data, error } = await supabaseAdmin.auth.admin.createUser({
      email,
      password,
      email_confirm: true, // Auto-confirm email
      user_metadata: {
        role: 'admin',
        isAdmin: true,
        username: username,
      },
    });

    if (error) {
      console.error('Error creating admin user:', error.message);
      
      if (error.message.includes('already registered')) {
        console.error('');
        console.error('This email is already registered. You can:');
        console.error('  1. Use a different email');
        console.error('  2. Reset the password in Supabase dashboard');
        console.error('  3. Update the user metadata to add admin role');
      }
      
      process.exit(1);
    }

    if (data?.user) {
      console.log('✅ Admin user created successfully!');
      console.log('');
      console.log('User details:');
      console.log(`  ID: ${data.user.id}`);
      console.log(`  Email: ${data.user.email}`);
      console.log(`  Username: ${username}`);
      console.log(`  Role: admin`);
      console.log('');
      console.log('You can now log in to the admin dashboard with:');
      console.log(`  Email: ${email}`);
      console.log(`  Password: ${password}`);
      console.log('');
    } else {
      console.error('Error: User was not created');
      process.exit(1);
    }
  } catch (error) {
    console.error('Unexpected error:', error);
    process.exit(1);
  }
}

createAdminUser();