<?php

declare(strict_types=1);

require_once __DIR__ . '/../vendor/autoload.php';
require_once __DIR__ . '/../app/Core/helpers.php';

use App\Core\Application;
use App\Modules\Auth\AuthController;
use App\Modules\Companies\CompanyController;
use App\Modules\Invoices\InvoiceController;
use App\Modules\Dashboard\DashboardController;
use App\Modules\Users\UsersController;
use App\Modules\ApiKeys\ApiKeyController;
use App\Modules\Admin\AdminController;
use App\Middleware\AuthMiddleware;
use App\Middleware\HmacMiddleware;

$app = new Application(dirname(__DIR__));
$router = $app->getRouter();

// ══ Auth Routes ══════════════════════════════════════════════
$router->addRoute('POST', '/api/v1/auth/login', [AuthController::class, 'login']);
$router->addRoute('POST', '/api/v1/auth/register', [AuthController::class, 'register']);
$router->addRoute('POST', '/api/v1/auth/refresh', [AuthController::class, 'refresh']);
$router->addRoute('POST', '/api/v1/auth/logout', [AuthController::class, 'logout']);
$router->addRoute('GET', '/api/v1/auth/me', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AuthController::class, 'me']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/enable', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AuthController::class, 'enable2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AuthController::class, 'verify2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/disable', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AuthController::class, 'disable2FA']
]);

// ══ Company Routes ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/companies', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [CompanyController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/companies', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [CompanyController::class, 'store']
]);
$router->addRoute('GET', '/api/v1/companies/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [CompanyController::class, 'show']
]);
$router->addRoute('PUT', '/api/v1/companies/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [CompanyController::class, 'update']
]);
$router->addRoute('DELETE', '/api/v1/companies/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [CompanyController::class, 'destroy']
]);

// ══ User Routes ══════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/users', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [UsersController::class, 'list']
]);
$router->addRoute('POST', '/api/v1/users', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [UsersController::class, 'create']
]);
$router->addRoute('PUT', '/api/v1/users/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [UsersController::class, 'update']
]);
$router->addRoute('DELETE', '/api/v1/users/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [UsersController::class, 'destroy']
]);

// ══ Invoice Routes ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/invoices', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [InvoiceController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/invoices/upload', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [InvoiceController::class, 'upload']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [InvoiceController::class, 'show']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}/status', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [InvoiceController::class, 'status']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}/file', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [InvoiceController::class, 'serveFile']
]);

// ══ Dashboard ════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/dashboard', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [DashboardController::class, 'getStats']
]);

// ══ API Keys ═══════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/api-keys', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [ApiKeyController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/api-keys', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [ApiKeyController::class, 'create']
]);
$router->addRoute('DELETE', '/api/v1/api-keys/{id}', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [ApiKeyController::class, 'revoke']
]);

// ══ Admin Routes (Super Admin) ════════════════════════════════
$router->addRoute('GET', '/api/v1/admin/tenants', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AdminController::class, 'listTenants']
]);
$router->addRoute('GET', '/api/v1/admin/stats', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AdminController::class, 'getSystemStats']
]);
$router->addRoute('GET', '/api/v1/admin/queue', [
    'middleware' => [AuthMiddleware::class],
    'handler' => [AdminController::class, 'getQueueStatus']
]);

// ══ Health & Public ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/health', [AdminController::class, 'health']);

// ══ Determine if this is an API request ═════════════════════════════
$apiRoute = $_GET['route'] ?? null;

if (!$apiRoute) {
    // Not an API call — serve the SPA shell
    include __DIR__ . '/shell.php';
    exit;
}

$app->run();