<?php

/** @var App\Core\App $app */
$app = require_once __DIR__ . '/../bootstrap/app.php';

use App\Controllers\HomeController;
use App\Controllers\AuthController;
use App\Controllers\Admin\DashboardController;
use App\Middleware\SecurityHeaders;
use App\Middleware\RateLimit;
use App\Middleware\CsrfProtection;
use App\Middleware\Authenticate;

// Register Global Web Middlewares on Route groups
$app->router->group([
    'middleware' => [SecurityHeaders::class]
], function($router) {
    
    // Public index redirection
    $router->get('/', [HomeController::class, 'index']);
    
    // Auth routes throttled via Rate Limiter
    $router->group([
        'middleware' => [RateLimit::class]
    ], function($r) {
        $r->get('/login', [AuthController::class, 'showLogin']);
        $r->post('/login', [AuthController::class, 'login']);
        $r->get('/register', [AuthController::class, 'showRegister']);
        $r->post('/register', [AuthController::class, 'register']);
    });

    // Protected Admin routes requiring Session Auth & CSRF tokens
    $router->group([
        'prefix' => '/admin',
        'middleware' => [Authenticate::class, CsrfProtection::class]
    ], function($r) {
        $r->get('/dashboard', [DashboardController::class, 'index']);
    });

    // Logout endpoint
    $router->get('/logout', [AuthController::class, 'logout']);
});

$app->run();