#!/bin/bash

echo "🔐 JWT Secret Generator"
echo "========================"
echo ""

# Method 1: OpenSSL (most secure)
if command -v openssl &> /dev/null; then
    JWT_SECRET_OPENSSL=$(openssl rand -base64 32)
    echo "Method 1 (OpenSSL - Recommended):"
    echo "JWT_SECRET=$JWT_SECRET_OPENSSL"
    echo ""
fi

# Method 2: Node.js crypto
if command -v node &> /dev/null; then
    JWT_SECRET_NODE=$(node -e "console.log(require('crypto').randomBytes(32).toString('base64'))")
    echo "Method 2 (Node.js crypto):"
    echo "JWT_SECRET=$JWT_SECRET_NODE"
    echo ""
fi

# Method 3: Python (if available)
if command -v python3 &> /dev/null; then
    JWT_SECRET_PYTHON=$(python3 -c "import secrets, base64; print(base64.b64encode(secrets.token_bytes(32)).decode())")
    echo "Method 3 (Python):"
    echo "JWT_SECRET=$JWT_SECRET_PYTHON"
    echo ""
fi

# Method 4: Manual example
echo "Method 4 (Manual - change the values):"
echo "JWT_SECRET=MySuper$ecureJWT$ecret2025!Random123"
echo ""

echo "💡 Tips:"
echo "- Use at least 32 characters"
echo "- Mix letters, numbers, and symbols"
echo "- Keep it secret and secure"
echo "- Never commit it to version control"
echo ""
echo "⚠️  Note: Your current app doesn't use JWT authentication yet."
echo "   This is prepared for future authentication features."