#!/bin/bash
set -e

echo "Setting up default project in database..."

# Load environment variables
if [ -f .env ]; then
    export $(cat .env | grep -v '^#' | xargs)
else
    echo "Error: .env file not found"
    exit 1
fi

# Validate required environment variables
if [ -z "$JWT_SECRET" ]; then
    echo "Error: JWT_SECRET not set"
    exit 1
fi

if [ -z "$MADBASE_ANON_KEY" ]; then
    echo "Error: MADBASE_ANON_KEY not set"
    exit 1
fi

if [ -z "$MADBASE_SERVICE_ROLE_KEY" ]; then
    echo "Error: MADBASE_SERVICE_ROLE_KEY not set"
    exit 1
fi

echo "Using JWT_SECRET (first 8 chars): ${JWT_SECRET:0:8}..."
echo "Using JWT_ISSUER: ${JWT_ISSUER:-madbase}..."

# Connect to the control database and update the default project
psql "${DATABASE_URL:-postgres://postgres:postgres@localhost:5432/postgres}" << EOF
-- Update existing default project or insert if not exists
INSERT INTO projects (name, jwt_secret, anon_key, service_role_key, created_at, updated_at)
VALUES (
    'default',
    '$JWT_SECRET',
    '$MADBASE_ANON_KEY',
    '$MADBASE_SERVICE_ROLE_KEY',
    NOW(),
    NOW()
)
ON CONFLICT (name) DO UPDATE SET
    jwt_secret = EXCLUDED.jwt_secret,
    anon_key = EXCLUDED.anon_key,
    service_role_key = EXCLUDED.service_role_key,
    updated_at = NOW();

-- Verify the update
SELECT name, 
       substring(jwt_secret, 1, 8) || '...' as jwt_secret_preview,
       substring(anon_key, 1, 20) || '...' as anon_key_preview,
       substring(service_role_key, 1, 20) || '...' as service_role_key_preview
FROM projects 
WHERE name = 'default';

EOF

echo "Default project setup complete!"