require('dotenv').config()
const mongoose = require('mongoose')
const jwt = require('jsonwebtoken')
const { randomUUID } = require('crypto')

const EMAIL = process.argv[2]
const NAME = process.argv[3]

if (!EMAIL || !NAME) {
  console.error('Usage: node scripts/create-admin-and-invite.cjs <email> <name>')
  process.exit(1)
}

const secret = process.env.NUXT_JWT_SECRET || process.env.JWT_SECRET
if (!secret) {
  console.error('Missing NUXT_JWT_SECRET / JWT_SECRET in .env')
  process.exit(1)
}

const baseUrl = (process.env.BASE_URL || '').replace(/\/$/, '')
if (!baseUrl) {
  console.error('Missing BASE_URL in .env (e.g. https://ghostguild.org)')
  process.exit(1)
}

if (!process.env.MONGODB_URI) {
  console.error('Missing MONGODB_URI in .env')
  process.exit(1)
}

;(async () => {
  await mongoose.connect(process.env.MONGODB_URI)
  const members = mongoose.connection.db.collection('members')

  const email = EMAIL.toLowerCase()
  const jti = randomUUID()
  const now = new Date()

  const res = await members.findOneAndUpdate(
    { email },
    {
      $setOnInsert: {
        email,
        name: NAME,
        circle: 'founder',
        contributionAmount: 0,
        role: 'admin',
        status: 'active',
        createdAt: now,
      },
      $set: {
        magicLinkJti: jti,
        magicLinkJtiUsed: false,
      },
    },
    { upsert: true, returnDocument: 'after' },
  )

  const member = res.value || (await members.findOne({ email }))

  const token = jwt.sign({ memberId: member._id, jti }, secret, { expiresIn: '15m' })
  const link = `${baseUrl}/verify#${token}`

  console.log('\nAdmin:', member.email, '(role:', member.role + ', status:', member.status + ')')
  console.log('\nMagic link (expires in 15 min):\n')
  console.log(link, '\n')

  await mongoose.disconnect()
})().catch((err) => {
  console.error(err)
  process.exit(1)
})