#!/bin/bash
echo "🧪 Testing Login API Flow..."
echo ""

# Get CSRF token
echo "1️⃣ Fetching CSRF token..."
CSRF_TOKEN=$(curl -s http://localhost:9000/api/auth/csrf | jq -r .csrfToken)
echo "   Token: ${CSRF_TOKEN:0:20}..."
echo ""

# Test login
echo "2️⃣ Testing login with real credentials..."
RESPONSE=$(curl -s -X POST http://localhost:9000/api/auth/login \
  -H "Content-Type: application/json" \
  -H "X-CSRF-Token: $CSRF_TOKEN" \
  -d '{"identifier": "realtest@mawidi.com", "password": "TestPassword123!@#"}')

echo "$RESPONSE" | jq
echo ""

# Check if successful
if echo "$RESPONSE" | jq -e '.success' > /dev/null 2>&1; then
  echo "✅ Login successful!"
  USER_ID=$(echo "$RESPONSE" | jq -r '.user.id')
  echo "   User ID: $USER_ID"
  echo "   Email: $(echo "$RESPONSE" | jq -r '.user.email')"
else
  echo "❌ Login failed"
  echo "   Error: $(echo "$RESPONSE" | jq -r '.error')"
fi