//! WSS + Authentication Example
//! 
//! This example demonstrates a secure WebSocket server with:
//! - TLS/WSS encryption
//! - secp256k1 authentication
//! - Message handling with authentication verification
//! 
//! Usage: cargo run --manifest-path src/server/Cargo.toml --example wss_auth_example

use circle_ws_lib::{ServerConfig, spawn_circle_server};
use log::{info, warn};
use std::time::Duration;
use tokio::time::sleep;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Initialize logging
    env_logger::init();

    info!("🔐 Starting WSS + Authentication Server Example");
    info!("🛡️  This example demonstrates secure WebSocket with authentication");

    // Create server configuration with TLS and authentication enabled
    let mut config = ServerConfig::new(
        "127.0.0.1".to_string(),
        8080,  // Regular WebSocket port
        "redis://127.0.0.1:6379".to_string(),
    );
    
    // Configure TLS settings
    config.enable_tls = true;
    config.tls_port = Some(8443);
    config.cert_path = Some("cert.pem".to_string());
    config.key_path = Some("key.pem".to_string());
    config.enable_auth = true;  // Enable secp256k1 authentication

    info!("📋 Server Configuration:");
    info!("   Host: {}", config.host);
    info!("   Regular WS Port: {}", config.port);
    info!("   WSS Port: {}", config.tls_port.unwrap_or(0));
    info!("   TLS Enabled: {}", config.enable_tls);
    info!("   Auth Enabled: {}", config.enable_auth);
    info!("   Certificate: {:?}", config.cert_path);
    info!("   Private Key: {:?}", config.key_path);

    // Start the server
    let (join_handle, _server_handle) = spawn_circle_server(config)
        .map_err(|e| -> Box<dyn std::error::Error> {
            warn!("❌ Failed to start WSS + Auth server: {}", e);
            Box::new(e)
        })?;

    info!("✅ WSS + Auth Server started successfully!");
    info!("🔒 Secure WebSocket URL: wss://127.0.0.1:8443/ws");
    info!("🔓 Regular WebSocket URL: ws://127.0.0.1:8080/ws");
    info!("🛡️  Authentication: secp256k1 signatures required");
    info!("");
    info!("🧪 To test authenticated connections:");
    info!("   1. Generate a secp256k1 key pair");
    info!("   2. Sign your messages with the private key");
    info!("   3. Include the signature in your WebSocket messages");
    info!("   4. The server will verify signatures before processing");
    info!("");
    info!("📝 Message format for authenticated requests:");
    info!("   {{");
    info!("     \"type\": \"your_message_type\",");
    info!("     \"data\": {{...}},");
    info!("     \"signature\": \"hex_encoded_signature\",");
    info!("     \"public_key\": \"hex_encoded_public_key\"");
    info!("   }}");
    info!("");
    
    // Keep server running for demonstration
    info!("⏰ Server will run for 60 seconds, then shutdown...");
    sleep(Duration::from_secs(60)).await;
    
    info!("🛑 Shutting down WSS + Auth server example");
    
    // Wait for the server to finish
    let _ = join_handle.await;

    Ok(())
}