package api

import (
	"net/http"

	"github.com/go-chi/chi/v5"
	"github.com/go-chi/chi/v5/middleware"
	"github.com/jmoiron/sqlx"
	"workorders/internal/api/handlers"
	"workorders/internal/config"
)

func NewRouter(cfg *config.Config, db *sqlx.DB) http.Handler {
	r := chi.NewRouter()
	r.Use(middleware.Logger)
	r.Use(middleware.Recoverer)
	r.Use(middleware.RealIP)
	r.Use(CORS)

	// Serve frontend static files
	r.Handle("/*", http.FileServer(http.Dir("./web")))

	// Public auth routes
	auth := handlers.NewAuthHandler(db, cfg)
	r.Post("/api/auth/login", auth.Login)

	// Protected API routes
	r.Group(func(r chi.Router) {
		r.Use(JWTAuth(cfg.JWTSecret))

		r.Post("/api/auth/refresh", auth.Refresh)
		r.Get("/api/auth/me", handlers.Me)

		wo := handlers.NewWorkOrderHandler(db, cfg)
		r.Get("/api/work-orders", wo.List)
		r.Post("/api/work-orders", wo.Create)
		r.Get("/api/work-orders/{id}", wo.Get)
		r.Put("/api/work-orders/{id}", wo.Update)
		r.Delete("/api/work-orders/{id}", wo.Delete)
		r.Put("/api/work-orders/{id}/status", wo.UpdateStatus)

		step := handlers.NewStepHandler(db)
		r.Get("/api/work-orders/{id}/steps", step.List)
		r.Post("/api/work-orders/{id}/steps", step.Create)
		r.Put("/api/work-orders/{id}/steps/{sid}", step.Update)
		r.Post("/api/work-orders/{id}/steps/{sid}/complete", step.Complete)
		r.Delete("/api/work-orders/{id}/steps/{sid}", step.Delete)

		res := handlers.NewResourceHandler(db)
		r.Get("/api/work-orders/{id}/resources", res.List)
		r.Post("/api/work-orders/{id}/resources", res.Assign)
		r.Delete("/api/work-orders/{id}/resources/{rid}", res.Remove)

		att := handlers.NewAttachmentHandler(db, cfg)
		r.Get("/api/work-orders/{id}/attachments", att.List)
		r.Post("/api/work-orders/{id}/attachments", att.Upload)
		r.Delete("/api/work-orders/{id}/attachments/{aid}", att.Delete)
		r.Handle("/uploads/*", http.StripPrefix("/uploads/", http.FileServer(http.Dir(cfg.UploadPath))))

		acc := handlers.NewAccountingHandler(db)
		r.Get("/api/work-orders/{id}/accounting", acc.Get)
		r.Put("/api/work-orders/{id}/accounting", acc.Upsert)

		reg := handlers.NewRegistryHandler(db)
		r.Get("/api/registry/people", reg.People)
		r.Get("/api/registry/vehicles", reg.Vehicles)
		r.Get("/api/registry/equipment", reg.Equipment)
		r.Get("/api/registry/materials", reg.Materials)
	})

	return r
}