const CryptoJS = require('crypto-js')

const SIGNATURE_SECRET = 'NovalonManageSystemSecretKey2026'

function generateSignature(method, path, query = '', body = '', timestamp, nonce) {
  const stringToSign = [
    method,
    path,
    query || '',
    body || '',
    timestamp.toString(),
    nonce
  ].join('\n')
  
  console.log('String to sign:', stringToSign)
  
  const signature = CryptoJS.HmacSHA256(stringToSign, SIGNATURE_SECRET)
  const signatureBase64 = CryptoJS.enc.Base64.stringify(signature)
  
  return signatureBase64
}

function generateNonce() {
  const timestamp = Date.now().toString(36)
  const randomPart = Math.random().toString(36).substring(2, 15)
  return `${timestamp}-${randomPart}`
}

const timestamp = Date.now()
const nonce = generateNonce()
const method = 'POST'
const path = '/api/auth/login'
const query = ''
const body = JSON.stringify({ username: 'admin', password: 'admin123' })

const signature = generateSignature(method, path, query, body, timestamp, nonce)

console.log('\nGenerated Signature Headers:')
console.log('X-Signature:', signature)
console.log('X-Timestamp:', timestamp)
console.log('X-Nonce:', nonce)

console.log('\ncurl command:')
console.log(`curl -X POST http://localhost:8080/api/auth/login \\
  -H "Content-Type: application/json" \\
  -H "X-Signature: ${signature}" \\
  -H "X-Timestamp: ${timestamp}" \\
  -H "X-Nonce: ${nonce}" \\
  -d '${body}'`)