#!/bin/bash
# Start mitmproxy with authentication

set -e

CONFIG_DIR="/root/kwork-parser/mitmproxy"
LOG_FILE="/root/kwork-parser/mitmproxy/mitmproxy.log"
PID_FILE="/root/kwork-parser/mitmproxy/mitmproxy.pid"

echo "=== Mitmproxy Startup ==="
echo "Config: $CONFIG_DIR/mitmproxy.conf"
echo "Auth addon: $CONFIG_DIR/auth.py"
echo "Log: $LOG_FILE"
echo ""

# Check if already running
if [ -f "$PID_FILE" ]; then
    OLD_PID=$(cat "$PID_FILE")
    if kill -0 "$OLD_PID" 2>/dev/null; then
        echo "⚠️  mitmproxy already running (PID: $OLD_PID)"
        echo "Stop with: sudo systemctl stop mitmproxy"
        exit 1
    fi
fi

# Create certificate if not exists
if [ ! -f ~/.mitmproxy/mitmproxy-ca.pem ]; then
    echo "📜 Generating SSL certificate..."
    mitmproxy --version > /dev/null
fi

# Start mitmproxy
echo "🚀 Starting mitmproxy..."
nohup mitmdump \
    -s "$CONFIG_DIR/auth.py" \
    --set auth_user=claw \
    --set auth_pass="KworkParser2026!" \
    -p 8080 \
    --mode regular \
    --set ssl_insecure=false \
    --set add_upstream_certs_to_client_chain=true \
    -w "$CONFIG_DIR/flows.mitm" \
    -v \
    > "$LOG_FILE" 2>&1 &

echo $! > "$PID_FILE"
sleep 2

# Check if running
if kill -0 $(cat "$PID_FILE") 2>/dev/null; then
    echo "✅ mitmproxy started successfully!"
    echo ""
    echo "📱 Phone configuration:"
    echo "   Proxy: $(curl -s ifconfig.me):8080"
    echo "   Login: claw"
    echo "   Password: KworkParser2026!"
    echo ""
    echo "🔒 Certificate:"
    echo "   http://$(curl -s ifconfig.me):8080/mitmproxy/mitmproxy-ca.cer"
    echo ""
    echo "📊 View logs:"
    echo "   tail -f $LOG_FILE"
    echo "   python3 /root/kwork-parser/scripts/view_flows.py"
    echo ""
    echo "🛑 Stop:"
    echo "   sudo systemctl stop mitmproxy"
    echo "   or: kill $(cat $PID_FILE)"
else
    echo "❌ Failed to start mitmproxy"
    echo "Check log: $LOG_FILE"
    exit 1
fi