# scripts/change_password.py
import os
import sys
import bcrypt
from dotenv import load_dotenv
from sqlalchemy import create_engine, text

# Add the project root to the Python path
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))

def main(username, new_password):
    load_dotenv()
    
    database_url = os.environ.get("DATABASE_URL")
    if not database_url:
        print("Error: DATABASE_URL not found in .env file.")
        return

    # Hash the new password
    hashed_password = bcrypt.hashpw(new_password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')

    engine = create_engine(database_url)
    with engine.connect() as connection:
        # Using text() to create a SQL expression
        query = text("UPDATE aura_users SET password_hash = :password WHERE username = :username")
        connection.execute(query, {"password": hashed_password, "username": username})
        # Commit the transaction
        connection.commit()

    print(f"Password for user '{username}' has been updated successfully.")

if __name__ == "__main__":
    if len(sys.argv) != 3:
        print("Usage: python change_password.py <username> <new_password>")
    else:
        main(sys.argv[1], sys.argv[2])