require('dotenv').config();
const express = require('express');
const bodyParser = require('body-parser');
const fs = require('fs');
const path = require('path');

const app = express();
const port = 3050;

// IMPORTANT: In a production environment, set the ADMIN_PASSWORD as an environment variable.
// For example: export ADMIN_PASSWORD="your_super_secret_password"
const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || "balloons";

if (ADMIN_PASSWORD === "balloons") {
    console.warn(`
****************************************************************
** WARNING: Using default, insecure password.                 **
** Please set a secure ADMIN_PASSWORD environment variable    **
** in your production environment.                            **
****************************************************************
    `);
}

// Use body-parser middleware to parse JSON bodies
app.use(bodyParser.json());

// Serve static files from the root directory
app.use(express.static(path.join(__dirname)));

// API endpoint to update the JSON file
app.post('/api/update-status', (req, res) => {
    const { password, data } = req.body;

    if (password !== ADMIN_PASSWORD) {
        return res.status(401).json({ success: false, message: 'Unauthorized: Incorrect password.' });
    }

    if (!data) {
        return res.status(400).json({ success: false, message: 'Bad Request: No data provided.' });
    }

    const jsonString = JSON.stringify(data, null, 4);
    const filePath = path.join(__dirname, 'update.json');

    fs.writeFile(filePath, jsonString, (err) => {
        if (err) {
            console.error('Error writing to update.json:', err);
            return res.status(500).json({ success: false, message: 'Internal Server Error: Could not write to file.' });
        }
        res.json({ success: true, message: 'Status updated successfully.' });
    });
});

app.listen(port, () => {
    console.log(`Server listening at http://localhost:${port}`);
    console.log(`Admin panel available at http://localhost:${port}/admin.html`);
});