#!/bin/bash

USERS_FILE="./api_v1/users.json"
PHOTOS_ROOT="./public/photos"
JWT_SECRET="123456789"
NODE_ENDPOINT="https://prova.patachina.it/scan"

# 1. Legge gli utenti dal JSON
USERS=($(jq -r '.users[].name' "$USERS_FILE"))


WATCH_PATHS=()
for user in "${USERS[@]}"; do
  if [[ "$user" == "Admin" ]]; then
    WATCH_PATHS+=("$PHOTOS_ROOT/Common/original")
  else
    WATCH_PATHS+=("$PHOTOS_ROOT/$user/original")
  fi
done

echo "Monitoro:"
printf '%s\n' "${WATCH_PATHS[@]}"

# 2. Funzione per generare JWT per un utente specifico
generate_jwt() {
  local user="$1"
  local header payload signature

  header=$(echo -n '{"alg":"HS256","typ":"JWT"}' | base64 -w0 | tr '+/' '-_' | tr -d '=')
  payload=$(echo -n "{\"name\":\"$user\",\"email\":\"$user@system\",\"id\":999,\"ts\":$(date +%s)}" \
            | base64 -w0 | tr '+/' '-_' | tr -d '=')
  signature=$(echo -n "$header.$payload" \
            | openssl dgst -sha256 -hmac "$JWT_SECRET" -binary \
            | base64 -w0 | tr '+/' '-_' | tr -d '=')

  echo "$header.$payload.$signature"
}

# 3. Avvia inotifywait su tutte le directory
inotifywait -m -r -e create,modify,delete "${WATCH_PATHS[@]}" |
while read fullpath action file; do
    echo "Evento: $action su $file"

    # 4. Estrae l’utente dal path
    # Esempio: /photos/Fabio/originale/IMG001.jpg → Fabio
    user=$(echo "$fullpath" | awk -F'/' '{print $(NF-2)}')

    echo "Utente rilevato: $user"

    JWT=$(generate_jwt "$user")

    curl -X GET "$NODE_ENDPOINT" \
      -H "Authorization: Bearer $JWT"
done