#!/usr/bin/env bash
# Reset NPMplus admin password
# Works with NPMplus in container 10233

set -euo pipefail

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[⚠]${NC} $1"; }
log_error() { echo -e "${RED}[✗]${NC} $1"; }

PROXMOX_HOST="${1:-192.168.11.11}"
CONTAINER_ID="${2:-10233}"
NEW_PASSWORD="${3:-ce8219e321e1cd97bd590fb792d3caeb7e2e3b94ca7e20124acaf253f911ff72}"
EMAIL="${4:-nsatoshi2007@hotmail.com}"

echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "🔐 NPMplus Password Reset"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

# Generate password hash using Node.js inside npmplus container
log_info "Generating password hash..."
PASSWORD_HASH=$(ssh root@"$PROXMOX_HOST" "pct exec $CONTAINER_ID -- docker exec npmplus node -e \"
const bcrypt = require('bcryptjs');
console.log(bcrypt.hashSync('$NEW_PASSWORD', 10));
\" 2>/dev/null" || echo "")

if [ -z "$PASSWORD_HASH" ]; then
    log_error "Failed to generate password hash"
    exit 1
fi

log_success "Password hash generated"
echo ""

# Update database
log_info "Updating database..."
DB_UPDATE=$(ssh root@"$PROXMOX_HOST" "pct exec $CONTAINER_ID -- docker exec npmplus node -e \"
const Database = require('better-sqlite3');
const db = new Database('/data/npmplus/database.sqlite');
const stmt = db.prepare('UPDATE user SET password = ? WHERE email = ?');
const result = stmt.run('$PASSWORD_HASH', '$EMAIL');
console.log('Updated:', result.changes);
db.close();
\" 2>/dev/null" || echo "")

if echo "$DB_UPDATE" | grep -q "Updated: 1"; then
    log_success "Password reset successfully!"
else
    log_warn "Password update result: $DB_UPDATE"
    log_info "Password may have been updated, or user may not exist"
fi

echo ""
log_info "New credentials:"
log_info "  Email: $EMAIL"
log_info "  Password: $NEW_PASSWORD"
echo ""