import Fastify from "fastify";
import fastifyStatic from "@fastify/static";
import { exec } from "child_process";
import { promisify } from "util";
import path from "path";
import crypto from "crypto";

const verifySignature = (payload, signature, secret) => {
  const computedSignature = crypto
    .createHmac("sha256", secret)
    .update(JSON.stringify(payload))
    .digest("hex");
  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(computedSignature)
  );
};

const execAsync = promisify(exec);
const fastify = Fastify({ logger: true });

fastify.register(fastifyStatic, {
  root: path.join(process.cwd(), "dist"),
  prefix: "/",
});

fastify.post("/webhook", async (request, reply) => {
  const signature = request.headers["strapi-signature"];

  if (process.env.WEBHOOK_SECRET) {
    const isValid = verifySignature(
      request.body,
      signature,
      process.env.WEBHOOK_SECRET
    );
    if (!isValid) {
      return reply.code(401).send({ error: "Invalid signature" });
    }
  }

  try {
    const { stdout } = await execAsync("npm run build");
    fastify.log.info(`Build output: ${stdout}`);
    return { status: "success", message: "Build completed" };
  } catch (error) {
    fastify.log.error(error);
    return reply.code(500).send({ error: "Build failed" });
  }
});

fastify.listen({ port: 3000, host: "0.0.0.0" }, (err) => {
  if (err) {
    fastify.log.error(err);
    process.exit(1);
  }
});