#!/bin/bash
# Quick Deployment Checklist Script
# Run this before deploying to production

echo "🔍 SkyArtShop Pre-Deployment Checklist"
echo "========================================"
echo ""

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

check_pass() {
    echo -e "${GREEN}✓${NC} $1"
}

check_fail() {
    echo -e "${RED}✗${NC} $1"
}

check_warn() {
    echo -e "${YELLOW}⚠${NC} $1"
}

# Check 1: .env file exists
echo "1. Checking environment configuration..."
if [ -f ".env" ]; then
    check_pass ".env file exists"
    
    # Check for default/weak values
    if grep -q "your_secure_password_here" .env; then
        check_fail "Default password found in .env - CHANGE IT!"
    else
        check_pass "No default passwords found"
    fi
    
    if grep -q "skyart-shop-secret-2025-change-this-in-production" .env; then
        check_fail "Default SESSION_SECRET found - GENERATE NEW ONE!"
    else
        check_pass "SESSION_SECRET appears to be custom"
    fi
else
    check_fail ".env file not found - copy .env.example and configure"
fi
echo ""

# Check 2: Dependencies installed
echo "2. Checking dependencies..."
if [ -d "backend/node_modules" ]; then
    check_pass "node_modules exists"
else
    check_fail "node_modules not found - run: cd backend && npm install"
fi
echo ""

# Check 3: Log directory
echo "3. Checking log directory..."
if [ -d "backend/logs" ]; then
    check_pass "logs directory exists"
else
    check_warn "logs directory not found - will be created automatically"
    mkdir -p backend/logs
    check_pass "Created logs directory"
fi
echo ""

# Check 4: Uploads directory
echo "4. Checking uploads directory..."
if [ -d "website/uploads" ]; then
    check_pass "uploads directory exists"
else
    check_warn "uploads directory not found - creating it"
    mkdir -p website/uploads
    check_pass "Created uploads directory"
fi
echo ""

# Check 5: PostgreSQL connection
echo "5. Checking database connection..."
if command -v psql &> /dev/null; then
    # Try to connect using .env values
    if [ -f ".env" ]; then
        source .env
        if psql -h $DB_HOST -p $DB_PORT -U $DB_USER -d $DB_NAME -c "SELECT 1;" &> /dev/null; then
            check_pass "Database connection successful"
        else
            check_fail "Cannot connect to database - check credentials"
        fi
    else
        check_warn "Cannot test database - .env not found"
    fi
else
    check_warn "psql not found - cannot test database connection"
fi
echo ""

# Check 6: Syntax validation
echo "6. Validating JavaScript syntax..."
cd backend
if node -c server.js 2>/dev/null && \
   node -c config/database.js 2>/dev/null && \
   node -c config/logger.js 2>/dev/null; then
    check_pass "All core files syntax valid"
else
    check_fail "Syntax errors found - check files"
fi
cd ..
echo ""

# Check 7: PM2 status
echo "7. Checking PM2 configuration..."
if command -v pm2 &> /dev/null; then
    check_pass "PM2 installed"
    if pm2 list | grep -q "skyartshop"; then
        check_pass "SkyArtShop PM2 process exists"
    else
        check_warn "SkyArtShop not in PM2 - will need to add"
    fi
else
    check_fail "PM2 not installed - run: npm install -g pm2"
fi
echo ""

# Check 8: Security audit
echo "8. Running security audit..."
cd backend
npm audit --production 2>/dev/null | head -n 3
cd ..
echo ""

# Check 9: Nginx configuration
echo "9. Checking Nginx..."
if command -v nginx &> /dev/null; then
    check_pass "Nginx installed"
    if [ -f "/etc/nginx/sites-enabled/skyartshop" ] || [ -f "nginx-skyartshop-secured.conf" ]; then
        check_pass "Nginx configuration found"
    else
        check_warn "Nginx configuration not found in sites-enabled"
    fi
else
    check_warn "Nginx not installed or not in PATH"
fi
echo ""

# Check 10: File permissions
echo "10. Checking file permissions..."
if [ -w "backend/logs" ]; then
    check_pass "Logs directory is writable"
else
    check_fail "Logs directory not writable - run: chmod 755 backend/logs"
fi

if [ -w "website/uploads" ]; then
    check_pass "Uploads directory is writable"
else
    check_fail "Uploads directory not writable - run: chmod 755 website/uploads"
fi
echo ""

# Summary
echo "========================================"
echo "📋 Summary"
echo "========================================"
echo ""
echo "Before deploying to production:"
echo "1. ✓ Update .env with strong passwords"
echo "2. ✓ Generate new SESSION_SECRET (32+ chars)"
echo "3. ✓ Set NODE_ENV=production"
echo "4. ✓ Configure SSL certificates"
echo "5. ✓ Set up nginx reverse proxy"
echo "6. ✓ Configure firewall (ufw/iptables)"
echo "7. ✓ Run: pm2 restart skyartshop"
echo "8. ✓ Run: pm2 save"
echo "9. ✓ Monitor logs: pm2 logs skyartshop"
echo "10. ✓ Test: curl http://localhost:5000/health"
echo ""
echo "Generate SESSION_SECRET with:"
echo "node -e \"console.log(require('crypto').randomBytes(32).toString('hex'))\""
echo ""
echo "========================================"