veza/veza-backend-api/cmd/tools/create_test_user/main.go

package main

import (
	"fmt"
	"log"
	"os"
	"strings"

	"github.com/joho/godotenv"
	"golang.org/x/crypto/bcrypt"
	"gorm.io/driver/postgres"
	"gorm.io/gorm"

	"veza-backend-api/internal/models"
)

func main() {
	// Load .env file
	if err := godotenv.Load(); err != nil {
		log.Printf("Note: .env file not found, using system environment variables")
	}

	// Get database connection string
	databaseURL := os.Getenv("DATABASE_URL")
	if databaseURL == "" {
		// Fallback to individual components
		dbHost := getEnv("DB_HOST", "localhost")
		dbPort := getEnv("DB_PORT", "5432")
		dbUser := getEnv("DB_USER", "veza")
		dbPassword := getEnv("DB_PASSWORD", "password")
		dbName := getEnv("DB_NAME", "veza")
		databaseURL = fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=disable",
			dbHost, dbPort, dbUser, dbPassword, dbName)
	}

	// Connect to database
	db, err := gorm.Open(postgres.Open(databaseURL), &gorm.Config{})
	if err != nil {
		log.Fatalf("Failed to connect to database: %v", err)
	}

	// Get test user credentials from environment or use defaults
	email := getEnv("TEST_EMAIL", "user@example.com")
	password := getEnv("TEST_PASSWORD", "password123")
	username := getEnv("TEST_USERNAME", "testuser")

	// Check if user already exists
	var existingUser models.User
	result := db.Where("email = ?", email).First(&existingUser)
	if result.Error == nil {
		log.Printf("User with email %s already exists (ID: %s)", email, existingUser.ID)

		// Update password if needed
		hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 12 /* SECURITY(REM-035): Aligned bcrypt cost */)
		if err != nil {
			log.Fatalf("Failed to hash password: %v", err)
		}

		existingUser.PasswordHash = string(hashedPassword)
		existingUser.IsVerified = true
		existingUser.IsActive = true

		if err := db.Save(&existingUser).Error; err != nil {
			log.Fatalf("Failed to update user: %v", err)
		}

		log.Printf("✅ Updated existing user: %s (password reset, verified and active)", email)
		return
	}

	// Hash password
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 12 /* SECURITY(REM-035): Aligned bcrypt cost */)
	if err != nil {
		log.Fatalf("Failed to hash password: %v", err)
	}

	// Generate slug from username
	slug := strings.ToLower(strings.ReplaceAll(username, "_", "-"))

	// Create user
	user := &models.User{
		Email:        email,
		Username:     username,
		Slug:         slug,
		PasswordHash: string(hashedPassword),
		IsVerified:   true,
		IsActive:     true,
		Role:         "user",
		FirstName:    "Test",
		LastName:     "User",
	}

	if err := db.Create(user).Error; err != nil {
		log.Fatalf("Failed to create user: %v", err)
	}

	log.Printf("✅ Created test user successfully!")
	log.Printf("   Email: %s", email)
	log.Printf("   Username: %s", username)
	log.Printf("   Password: %s", password)
	log.Printf("   ID: %s", user.ID)
}

func getEnv(key, defaultValue string) string {
	if value := os.Getenv(key); value != "" {
		return strings.TrimSpace(value)
	}
	return defaultValue
}