<?php

/** @var App\Core\App $app */
$app = require_once __DIR__ . '/../bootstrap/app.php';

use App\Controllers\HomeController;
use App\Controllers\AuthController;
use App\Controllers\Admin\DashboardController;
use App\Controllers\Admin\OrganizationsController;
use App\Controllers\Admin\OpportunitiesController;
use App\Controllers\Admin\ContactsController;
use App\Controllers\Admin\SourcesController;
use App\Middleware\SecurityHeaders;
use App\Middleware\RateLimit;
use App\Middleware\CsrfProtection;
use App\Middleware\Authenticate;

// Register Global Web Middlewares on Route groups
$app->router->group([
    'middleware' => [SecurityHeaders::class]
], function($router) {
    
    // Public index redirection
    $router->get('/', [HomeController::class, 'index']);
    
    // Auth routes throttled via Rate Limiter
    $router->group([
        'middleware' => [RateLimit::class]
    ], function($r) {
        $r->get('/login', [AuthController::class, 'showLogin']);
        $r->post('/login', [AuthController::class, 'login']);
        $r->get('/register', [AuthController::class, 'showRegister']);
        $r->post('/register', [AuthController::class, 'register']);
    });

    // Protected Admin routes requiring Session Auth & CSRF tokens
    $router->group([
        'prefix' => '/admin',
        'middleware' => [Authenticate::class, CsrfProtection::class]
    ], function($r) {
        // Dashboard
        $r->get('/dashboard', [DashboardController::class, 'index']);
        
        // Organizations CRUD
        $r->get('/organizations', [OrganizationsController::class, 'index']);
        $r->get('/organizations/create', [OrganizationsController::class, 'create']);
        $r->post('/organizations/store', [OrganizationsController::class, 'store']);
        $r->get('/organizations/{id}', [OrganizationsController::class, 'show']);
        $r->get('/organizations/{id}/edit', [OrganizationsController::class, 'edit']);
        $r->post('/organizations/{id}/update', [OrganizationsController::class, 'store']);
        $r->get('/organizations/{id}/delete', [OrganizationsController::class, 'delete']);
        
        // Opportunities
        $r->get('/opportunities', [OpportunitiesController::class, 'index']);
        $r->get('/opportunities/{id}', [OpportunitiesController::class, 'show']);
        
        // Contacts CRUD
        $r->get('/contacts', [ContactsController::class, 'index']);
        $r->get('/contacts/create', [ContactsController::class, 'create']);
        $r->post('/contacts/store', [ContactsController::class, 'store']);
        $r->get('/contacts/{id}', [ContactsController::class, 'show']);
        $r->get('/contacts/{id}/edit', [ContactsController::class, 'edit']);
        $r->post('/contacts/{id}/update', [ContactsController::class, 'store']);
        $r->get('/contacts/{id}/delete', [ContactsController::class, 'delete']);
        $r->post('/contacts/{id}/interaction', [ContactsController::class, 'addInteraction']);
        
        // Sources
        $r->get('/sources', [SourcesController::class, 'index']);
        $r->get('/sources/create', [SourcesController::class, 'create']);
        $r->post('/sources/store', [SourcesController::class, 'store']);
        $r->get('/sources/{id}/edit', [SourcesController::class, 'edit']);
        $r->post('/sources/{id}/update', [SourcesController::class, 'store']);
        $r->get('/sources/{id}/delete', [SourcesController::class, 'delete']);
        $r->get('/sources/{id}/run', [SourcesController::class, 'run']);
    });

    // Logout endpoint
    $router->get('/logout', [AuthController::class, 'logout']);
});

// API Routes (no CSRF, uses JWT)
$app->router->group([
    'prefix' => '/api',
    'middleware' => [RateLimit::class, Authenticate::class]
], function($r) {
    $r->get('/organizations', [OrganizationsController::class, 'index']);
    $r->get('/opportunities', [OpportunitiesController::class, 'index']);
});

$app->run();