package routes

import (
	"authentication/handlers"
	"authentication/middleware"
	"database/sql"

	"github.com/gorilla/mux"
	httpSwagger "github.com/swaggo/http-swagger"
)

func SetupRoutes(router *mux.Router, db *sql.DB) {

	router.HandleFunc("/health", handlers.HealthHandler).Methods("GET")
	router.HandleFunc("/ready", handlers.ReadyHandler).Methods("GET")

	authRoutes := router.PathPrefix("/v1/auth").Subrouter()
	frontendOnly := authRoutes.NewRoute().Subrouter()
	frontendOnly.Use(middleware.FrontendOriginWhitelist)
	frontendOnly.HandleFunc("/login", handlers.GoogleLogin).Methods("GET")
	frontendOnly.HandleFunc("/forgot-password", handlers.ForgotPassword).Methods("GET")
	frontendOnly.HandleFunc("/callback", handlers.GoogleCallback).Methods("GET")

	csrfProtected := authRoutes.NewRoute().Subrouter()
	csrfProtected.Use(middleware.CSRFMiddleware)
	csrfProtected.HandleFunc("/csrf", handlers.CSRFToken).Methods("GET")
	csrfProtected.HandleFunc("/refresh_token", handlers.HandleTokenRefresh).Methods("POST", "OPTIONS")
	csrfProtected.HandleFunc("/logout", handlers.LogoutHandler).Methods("POST")

	// authRoutes.HandleFunc("/microsoft/login", handlers.MicrosoftLogin).Methods("GET")
	// authRoutes.HandleFunc("/microsoft/callback", handlers.MicrosotCallback).Methods("GET")

	router.PathPrefix("/swagger/").Handler(httpSwagger.WrapHandler)
}