#!/usr/bin/env python3
"""
grab_cookie.py — log in to jailbirdz.com and write the session cookie to .env.

Requires WP_USERNAME and WP_PASSWORD to be set in the environment or .env.

Usage:
    python grab_cookie.py
"""

import os
from pathlib import Path
from typing import Literal
import requests
from config import BASE_URL

ENV_FILE = Path(".env")
ENV_KEY = "WP_LOGIN_COOKIE"
COOKIE_PREFIX = "wordpress_logged_in_"


def update_env(name: str, value: str) -> Literal["updated", "appended", "created"]:
    """Write WP_LOGIN_COOKIE=name=value into .env, replacing any existing line."""
    new_line = f"{ENV_KEY}={name}={value}\n"

    if ENV_FILE.exists():
        text = ENV_FILE.read_text(encoding="utf-8")
        lines = text.splitlines(keepends=True)
        for i, line in enumerate(lines):
            key, sep, _ = line.partition("=")
            if key.strip() == ENV_KEY and sep:
                lines[i] = new_line
                ENV_FILE.write_text("".join(lines), encoding="utf-8")
                return "updated"
        # Key not present — append
        if text and not text.endswith("\n"):
            text += "\n"
        ENV_FILE.write_text(text + new_line, encoding="utf-8")
        return "appended"
    else:
        ENV_FILE.write_text(new_line, encoding="utf-8")
        return "created"


def login_and_get_cookie(username: str, password: str) -> tuple[str, str]:
    """POST to wp-admin/admin-ajax.php (xootix action) and return (cookie_name, cookie_value).

    No browser needed — the xootix login endpoint takes plain form fields and returns
    the wordpress_logged_in_* cookie directly in the response Set-Cookie headers.
    """
    session = requests.Session()
    r = session.post(
        f"{BASE_URL}/wp-admin/admin-ajax.php",
        data={
            "xoo-el-username": username,
            "xoo-el-password": password,
            "xoo-el-rememberme": "forever",
            "_xoo_el_form": "login",
            "xoo_el_redirect": "/",
            "action": "xoo_el_form_action",
            "display": "popup",
        },
        headers={
            "Referer": f"{BASE_URL}/",
            "Origin": BASE_URL,
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:147.0) Gecko/20100101 Firefox/147.0",
        },
        timeout=30,
    )
    r.raise_for_status()
    result = r.json()
    if result.get("error"):
        raise RuntimeError(f"Login rejected by server: {result.get('notice', result)}")

    for name, value in session.cookies.items():
        if name.startswith(COOKIE_PREFIX):
            return name, value

    raise RuntimeError(
        "Server accepted login but no wordpress_logged_in_* cookie was set.\n"
        "    Check that WP_USERNAME and WP_PASSWORD are correct."
    )


def _auto_login() -> None:
    username = os.environ.get("WP_USERNAME", "").strip()
    password = os.environ.get("WP_PASSWORD", "").strip()
    if not username or not password:
        raise SystemExit(
            "[!] WP_USERNAME and WP_PASSWORD must be set in the environment or .env — see .env.example."
        )
    try:
        cookie_name, cookie_value = login_and_get_cookie(username, password)
    except RuntimeError as e:
        raise SystemExit(f"[!] {e}")
    print(f"[+] Login succeeded: {cookie_name}")
    action = update_env(cookie_name, cookie_value)
    print(f"[✓] {ENV_KEY} {action} in {ENV_FILE}.")


def main() -> None:
    _auto_login()


if __name__ == "__main__":
    main()