#!/usr/bin/env python3
import json,urllib.request,ssl,subprocess,time,os

ts = time.strftime("%Y-%m-%dT%H:%M:%S")
PAT = "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"
REPORT = "/var/www/html/api/pat-status.json"
EXPIRY = "2026-04-15"

# Check PAT via GitHub API
try:
    req = urllib.request.Request("https://api.github.com/user",
        headers={"Authorization": "token " + PAT, "User-Agent": "WEVAL-PAT-Monitor"})
    resp = urllib.request.urlopen(req, timeout=10)
    user_data = json.loads(resp.read())
    pat_valid = True
    user = user_data.get("login", "?")
except:
    pat_valid = False
    user = "?"

# Days until expiry
import datetime
try:
    exp_date = datetime.datetime.strptime(EXPIRY, "%Y-%m-%d")
    now = datetime.datetime.now()
    days = (exp_date - now).days
except:
    days = -1

# Test push
push_ok = subprocess.run(["git", "-C", "/var/www/html", "push", "--dry-run", "origin", "main"],
    capture_output=True).returncode == 0

# Test Gitea
gitea_ok = subprocess.run(["git", "-C", "/var/www/html", "push", "--dry-run", "gitea", "main"],
    capture_output=True).returncode == 0

# Alert
alert = None
if days <= 3 and days >= 0:
    alert = "P0: PAT expires in %d days" % days
elif not pat_valid:
    alert = "P0: PAT EXPIRED"

result = {
    "ts": ts, "pat_valid": pat_valid, "user": user,
    "days_until_expiry": days, "expiry_date": EXPIRY,
    "push_ok": push_ok, "gitea_backup": gitea_ok,
    "alert": alert
}

json.dump(result, open(REPORT, "w"), indent=2)
print("PAT: %s | User: %s | Days: %d | Push: %s | Gitea: %s" % (
    "VALID" if pat_valid else "EXPIRED", user, days,
    "OK" if push_ok else "FAIL", "OK" if gitea_ok else "FAIL"))