// genhash generates a bcrypt password hash suitable for use as ADMIN_PASSWORD_HASH.
//
// Usage:
//
//	go run ./tools/genhash <password>
//	make genhash
package main

import (
	"fmt"
	"os"

	"golang.org/x/crypto/bcrypt"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: genhash <password>")
		fmt.Fprintln(os.Stderr, "  or:  make genhash")
		os.Exit(1)
	}
	password := os.Args[1]
	if len(password) == 0 {
		fmt.Fprintln(os.Stderr, "error: password cannot be empty")
		os.Exit(1)
	}
	hash, err := bcrypt.GenerateFromPassword([]byte(password), 12)
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	fmt.Println(string(hash))
	fmt.Fprintln(os.Stderr, "\nSet this as ADMIN_PASSWORD_HASH in your .env file.")
}