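#!/usr/bin/env node
'use strict';

// Manual smoke test for the email allowlist: runs a few sample addresses
// through isEmailAuthorized() and prints the decision for each one.
//
// Environment (loaded from .env by dotenv):
//   AUTHORIZED_EMAILS - the allowlist; passed through untouched, its format is
//                       whatever ./src/middleware/emailAuth expects.
//   JWT_SECRET        - signing key for the sample tokens. When it is missing,
//                       no token is signed at all (see below).
//
// NOTE(review): the emoji in the string literals below look mis-encoded
// (mojibake); they are kept byte-for-byte here. Confirm the file is saved as
// UTF-8 and restore the intended characters.
require('dotenv').config();
const jwt = require('jsonwebtoken');

// Import the authorization function
const { isEmailAuthorized } = require('./src/middleware/emailAuth');

console.log('๐Ÿงช Testing Email Authorization System\n');

// No hard-coded fallback: a token signed with a publicly known default key can
// be forged by anyone, so a missing secret must surface instead of being hidden.
const JWT_SECRET = process.env.JWT_SECRET;
const AUTHORIZED_EMAILS = process.env.AUTHORIZED_EMAILS || '';
const emailAuthConfigured = AUTHORIZED_EMAILS.trim() !== '';

// The allow/deny policy for an empty allowlist is decided by isEmailAuthorized,
// not by this script, so this label makes no claim about it.
console.log(`Authorized emails: ${emailAuthConfigured ? AUTHORIZED_EMAILS : 'None configured'}`);

if (!JWT_SECRET) {
  console.log('WARNING: JWT_SECRET is not set. Sample tokens will not be generated.');
}

// Test cases
const testUsers = [
  { email: 'admin@example.com', name: 'Admin User' },
  { email: 'user1@example.com', name: 'User One' },
  { email: 'unauthorized@hacker.com', name: 'Unauthorized User' },
];

console.log('\n๐Ÿ“‹ Authorization Test Results:\n');

let authorizedCount = 0;
for (const { email, name } of testUsers) {
  const isAuthorized = isEmailAuthorized(email);
  const status = isAuthorized ? 'โœ… AUTHORIZED' : 'โŒ DENIED';
  console.log(`${status} - ${name} (${email})`);

  if (!isAuthorized) {
    continue;
  }
  authorizedCount += 1;

  if (JWT_SECRET) {
    // Create a JWT token for authorized users. Only the first 50 characters
    // are printed, which stops short of the signature segment.
    const token = jwt.sign({ id: 'test', email, name }, JWT_SECRET, { expiresIn: '1h' });
    console.log(` Token: ${token.substring(0, 50)}...`);
  }
}

console.log('\n๐Ÿ” Security Check:');
console.log(`- Email authorization: ${emailAuthConfigured ? 'ENABLED' : 'DISABLED'}`);
// NOTE(review): the next two lines are fixed strings; this script does not
// exercise JWT verification or any API endpoint, so they confirm nothing.
console.log(`- JWT verification: ENABLED`);
console.log(`- API endpoint protection: ENABLED`);

if (!emailAuthConfigured) {
  if (authorizedCount === 0) {
    console.log('\n๐Ÿ›ก๏ธ SECURITY: No authorized emails configured. ALL USERS DENIED ACCESS.');
  } else {
    // The fail-closed claim is printed only when it was actually observed.
    console.log(
      `\nWARNING: No authorized emails configured, but ${authorizedCount} test user(s) were AUTHORIZED.`
    );
    process.exitCode = 1;
  }
  console.log(' Set AUTHORIZED_EMAILS in your .env file to allow specific users.');
}

console.log('\nโœ… Authorization system test complete!');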