const express = require('express');
const router = express.Router();

// Controllers, middleware and repositories referenced by the auth routes.
// The require order is kept as in the original file.
const LoginController = require('../controller/auth/LoginController');
const authMiddleware = require('../middleware/authMiddleware');
const UserStatusController = require('../controller/auth/UserStatusController');
const UnitOfWork = require('../repositories/UnitOfWork');
const UserRepository = require('../repositories/UserRepository');
const EmailVerificationController = require('../controller/auth/EmailVerificationController');
const UserController = require('../controller/auth/UserController');
const UserSettingsController = require('../controller/auth/UserSettingsController');
const PermissionController = require('../controller/permissions/PermissionController');
const AdminUserController = require('../controller/admin/AdminUserController');
const PasswordResetController = require('../controller/password-reset/PasswordResetController');
const { createRateLimiter } = require('../middleware/rateLimiter');

// --- Session endpoints (no authMiddleware: these establish or end a session) ---
// NOTE(review): no rate limiter is attached to /login or /refresh in this file,
// while /request-password-reset has one. Confirm that credential-guessing
// throttling is enforced in LoginController or in front of this router.
router.post('/login', LoginController.login);
router.post('/refresh', LoginController.refresh);
router.post('/logout', LoginController.logout);

// --- Endpoints about the calling user (all behind authMiddleware) ---
router.get('/me', authMiddleware, UserController.getMe);
router.get('/user/status', authMiddleware, UserStatusController.getStatus);
router.get('/user/status-progress', authMiddleware, UserStatusController.getStatusProgress);

// Full user record addressed by :id.
// NOTE(review): only authMiddleware is attached here, so whether the caller is
// allowed to read the record for an arbitrary :id has to be decided inside
// UserController.getFullUserData. Confirm that check exists.
router.get('/users/:id/full', authMiddleware, UserController.getFullUserData);

// --- Email verification (behind authMiddleware) ---
router.post(
  '/send-verification-email',
  authMiddleware,
  EmailVerificationController.sendVerificationEmail
);
// NOTE(review): no attempt limit is visible on this route; confirm the
// controller bounds the number of code guesses per user.
router.post('/verify-email-code', authMiddleware, EmailVerificationController.verifyEmailCode);
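// Settings of the calling user.
router.get('/user/settings', authMiddleware, UserSettingsController.getSettings);

// Permissions of the user addressed by :id.
// NOTE(review): only authMiddleware is attached; confirm that
// PermissionController.getUserPermissions checks the caller may read :id.
router.get(
  '/users/:id/permissions',
  authMiddleware,
  (req, res, next) => {
    // Trace logging is restricted to routing metadata. Request headers and the
    // request body are intentionally not logged: headers can carry credentials
    // (Authorization, Cookie), and writing them to the console would copy
    // those secrets into log storage.
    console.log('[ROUTE] /users/:id/permissions called');
    console.log('Request method:', req.method);
    console.log('Request URL:', req.originalUrl);
    console.log('Request params:', req.params);
    next();
  },
  PermissionController.getUserPermissions
);

// Full account details, intended for administrators only.
// NOTE(review): the route is described as admin-only, but the only middleware
// visible here is authMiddleware. Confirm that AdminUserController (or
// authMiddleware itself) rejects callers who are not administrators.
router.get('/admin/users/:id/full', authMiddleware, AdminUserController.getFullUserAccountDetails);

// Documents and contracts of the user addressed by :id.
// NOTE(review): as with the other /users/:id routes, the per-object access
// check is not visible in this file; confirm it lives in the controller.
router.get('/users/:id/documents', authMiddleware, UserController.getUserDocumentsAndContracts);

// --- Password reset (unauthenticated by design) ---
// Reset requests are limited to 5 per hour per key. The key is built from
// req.ip, which in Express depends on the application's `trust proxy` setting.
// NOTE(review): confirm that setting matches the deployment, otherwise all
// clients behind a proxy may share one key.
router.post(
  '/request-password-reset',
  createRateLimiter({
    keyGenerator: (req) => `pwreset:${req.ip}`,
    max: 5,
    windowSeconds: 3600,
  }),
  PasswordResetController.requestPasswordReset
);

// Token verification and submission of the new password.
// NOTE(review): neither route has a rate limiter attached in this file;
// confirm that token guessing is bounded in PasswordResetController.
router.get('/verify-password-reset', PasswordResetController.verifyPasswordResetToken);
router.post('/reset-password', PasswordResetController.resetPassword);

module.exports = router;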