#!/bin/bash
# =============================================================================
# FF AI Workspace 环境配置验证脚本
# =============================================================================
#
# 用途: 验证环境配置是否完整
# 用法: bash scripts/env/validate-env.sh
#
# =============================================================================

set -e

# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

print_info() {
    echo -e "${BLUE}ℹ️  $1${NC}"
}

print_success() {
    echo -e "${GREEN}✅ $1${NC}"
}

print_warning() {
    echo -e "${YELLOW}⚠️  $1${NC}"
}

print_error() {
    echo -e "${RED}❌ $1${NC}"
}

# 检查 .env 文件是否存在
if [ ! -f ".env" ]; then
    print_error ".env 文件不存在"
    print_info "运行: bash scripts/env/setup-env.sh"
    exit 1
fi

print_info "开始验证环境配置..."
echo ""

# 必需的环境变量列表
REQUIRED_VARS=(
    "NODE_ENV"
    "DATABASE_URL"
    "POSTGRES_DB"
    "POSTGRES_USER"
    "POSTGRES_PASSWORD"
    "REDIS_HOST"
    "REDIS_PORT"
    "JWT_SECRET"
    "AUDIT_HMAC_SECRET"
    "NEXT_PUBLIC_API_URL"
)

# 推荐的环境变量列表
RECOMMENDED_VARS=(
    "REDIS_PASSWORD"
    "MINIO_ACCESS_KEY"
    "MINIO_SECRET_KEY"
    "CORS_ORIGIN"
    "FRONTEND_URL"
)

# 检查变量
MISSING=()
EMPTY=()
WEAK_SECRETS=()

for var in "${REQUIRED_VARS[@]}"; do
    if ! grep -q "^${var}=" .env 2>/dev/null; then
        MISSING+=("$var")
    else
        value=$(grep "^${var}=" .env | cut -d'=' -f2-)
        if [ -z "$value" ] || [ "$value" = "your-" ] || [[ "$value" =~ ^your- ]]; then
            EMPTY+=("$var")
        fi
        
        # 检查密钥强度
        if [[ "$var" == *"SECRET"* ]] || [[ "$var" == *"PASSWORD"* ]]; then
            if [ ${#value} -lt 32 ]; then
                WEAK_SECRETS+=("$var (长度: ${#value}, 推荐: >=32)")
            fi
        fi
    fi
done

# 检查推荐变量
MISSING_RECOMMENDED=()
for var in "${RECOMMENDED_VARS[@]}"; do
    if ! grep -q "^${var}=" .env 2>/dev/null; then
        MISSING_RECOMMENDED+=("$var")
    else
        value=$(grep "^${var}=" .env | cut -d'=' -f2-)
        if [ -z "$value" ]; then
            MISSING_RECOMMENDED+=("$var")
        fi
    fi
done

# 输出结果
HAS_ERROR=0

if [ ${#MISSING[@]} -eq 0 ] && [ ${#EMPTY[@]} -eq 0 ]; then
    print_success "所有必需的环境变量都已配置"
else
    HAS_ERROR=1
    
    if [ ${#MISSING[@]} -gt 0 ]; then
        print_error "缺少必需的环境变量:"
        for var in "${MISSING[@]}"; do
            echo "     - $var"
        done
        echo ""
    fi
    
    if [ ${#EMPTY[@]} -gt 0 ]; then
        print_error "以下必需变量未设置实际值:"
        for var in "${EMPTY[@]}"; do
            echo "     - $var"
        done
        echo ""
    fi
fi

# 密钥强度警告
if [ ${#WEAK_SECRETS[@]} -gt 0 ]; then
    print_warning "以下密钥长度不足:"
    for var in "${WEAK_SECRETS[@]}"; do
        echo "     - $var"
    done
    echo ""
fi

# 推荐变量警告
if [ ${#MISSING_RECOMMENDED[@]} -gt 0 ]; then
    print_warning "缺少推荐的环境变量（可选）:"
    for var in "${MISSING_RECOMMENDED[@]}"; do
        echo "     - $var"
    done
    echo ""
fi

# 检查子项目
print_info "检查子项目配置..."
for dir in backend frontend docker; do
    if [ -d "$dir" ]; then
        if [ -f "$dir/.env" ]; then
            print_success "$dir/.env 存在"
        else
            print_warning "$dir/.env 不存在"
            HAS_ERROR=1
        fi
    fi
done

echo ""

# 总结
if [ $HAS_ERROR -eq 0 ]; then
    print_success "环境配置验证通过！"
    echo ""
    print_info "可以开始开发了："
    echo "  cd backend && npm run start:dev"
    echo "  cd frontend && npm run dev"
    exit 0
else
    print_error "环境配置验证失败"
    echo ""
    print_info "请修正以上问题后重新验证"
    print_info "编辑配置: vim .env"
    exit 1
fi