// Copyright 2023 wanderer <a_mirre at utb dot cz>
// SPDX-License-Identifier: AGPL-3.0-only

package app

import (
	"net/http"

	"git.dotya.ml/mirre-mt/pcmt/handlers"
	modtmpl "git.dotya.ml/mirre-mt/pcmt/modules/template"
	"github.com/labstack/echo/v4"
	"github.com/labstack/echo/v4/middleware"
)

func (a *App) SetupRoutes() error {
	e := a.E()
	setting := a.setting
	assets := http.FileServer(a.getAssets())
	tmpls := a.getTemplates()

	modtmpl.Init(setting, tmpls)
	handlers.SetDBClient(a.db)
	// run this before declaring any handler funcs.
	handlers.InitHandlers(setting)

	e.Renderer = modtmpl.Renderer

	compress, err := handlers.WrapMiddlewareCompress()
	if err != nil {
		return err
	}

	xsrf := a.csrfConfig()

	// keep /static/* as a compatibility fallback for /assets.
	e.GET(
		"/static/*",
		func(c echo.Context) error {
			return c.Redirect(http.StatusMovedPermanently, c.Request().URL.Path)
		},
		middleware.Rewrite(
			map[string]string{"/static/*": "/assets/$1"},
		),
	)
	// alternative:
	// e.GET("/static/*", echo.WrapHandler(http.StripPrefix("/static/", assets)))
	e.GET("/assets/*", echo.WrapHandler(http.StripPrefix("/assets/", assets)), handlers.MiddlewareCache, compress)
	e.HEAD("/assets/*", echo.WrapHandler(http.StripPrefix("/assets/", assets)), handlers.MiddlewareCache, compress)

	e.GET("/healthz", handlers.Healthz())
	e.GET("/health", handlers.Healthz())

	base := e.Group("/", xsrf, compress)

	base.GET("/", handlers.Index())
	base.HEAD("/", handlers.Index())
	base.GET("/signin", handlers.Signin())
	base.POST("/signin", handlers.SigninPost(a.db))
	base.GET("/signup", handlers.Signup())
	base.POST("/signup", handlers.SignupPost(a.db))
	base.GET("/home", handlers.Home(a.db))

	// handle weird attempts here.
	e.POST("/signin/*", func(c echo.Context) error {
		return c.NoContent(http.StatusNotFound)
	})
	e.POST("/signup/*", func(c echo.Context) error {
		return c.NoContent(http.StatusNotFound)
	})

	admin := e.Group("/manage", handlers.MiddlewareSession, xsrf)

	admin.GET("/manage/api-keys", handlers.ManageAPIKeys())
	admin.GET("/manage/users", handlers.ManageUsers())
	admin.GET("/manage/users/new", handlers.ManageUsers())
	admin.POST("/manage/users/create", handlers.CreateUser())
	admin.GET("/manage/users/:id", handlers.ViewUser())
	admin.GET("/manage/users/:id/edit", handlers.EditUser(), handlers.MiddlewareCache, compress)
	admin.GET("/manage/users/:id/delete", handlers.DeleteUserConfirmation())
	admin.POST("/manage/users/:id/update", handlers.UpdateUser())
	admin.POST("/manage/users/:id/delete", handlers.DeleteUser())

	e.GET("/logout", handlers.Logout(), compress)
	e.POST("/logout", handlers.Logout(), handlers.MiddlewareSession, xsrf)

	// administrative endpoints.
	e.GET("/admin/*", handlers.Admin())

	return nil
}