import { Router } from "express";
import { IndexController, AuthController, DbController } from "../controllers";
import { transferController } from "../controllers";
import { paymentVAController } from "../controllers";
import { signController } from "../controllers";
import { authMiddleware, getUserFromToken } from "../middleware/auth";
import { vaMiddleware } from "../middleware/vaAuth";
import uploadController, {
  singleUploadHandler,
  multiUploadHandler,
} from "../controllers/uploadController";
import * as tokenController from "../controllers/tokenController";
import SyncController from "../controllers/syncController";
import { getPoolForDbId } from "../lib/dbPools";
import db from "../db";
import sequence from "../lib/sequence";

const router = Router();
const indexController = new IndexController();
const authController = new AuthController();
const dbController = new DbController();

export const setRoutes = () => {
  router.get("/", indexController.getIndex);
  router.post("/auth/login", (req, res) => authController.login(req, res));
  // bootstrap superadmin (no auth required) - use only once
  router.post("/auth/superadmin", (req, res) =>
    authController.createSuperAdmin(req, res)
  );
  router.post("/auth/logout", (req, res) => authController.logout(req, res));
  router.get("/auth/me", authMiddleware, (req, res) =>
    authController.me(req, res)
  );
  router.get("/me", authMiddleware, async (req, res) => {
    const authHeader =
      req.header("Authorization") || req.header("authorization");
    const token = authHeader ? authHeader.slice("Bearer ".length).trim() : null;
    if (!token) {
      return res.status(401).json({ error: "missing token" });
    }
    const u = await getUserFromToken(token);
    if (!u) throw new Error("invalid token");
    const users = await db.users.findFirst({
      select: {
        user_id: true,
        username: true,
      },
      where: { user_id: u.user.user_id },
    });
    return res.json({ result: users });
  });
  router.post("/test-db", async (req, res) => {
    try {
      const { name, query } = req.body;
      if (!name || !query)
        return res.status(400).json({ error: "name and query are required" });

      // find database metadata by name (or code)
      const dbRec = await (
        await import("../prisma")
      ).default.database.findFirst({ where: { name: name } });
      if (!dbRec) return res.status(404).json({ error: "database not found" });

      const pool = await getPoolForDbId(dbRec.db_id);
      const result = await pool.query(query);
      return res.json({ rows: result.rows, rowCount: result.rowCount });
    } catch (err) {
      console.error("Test endpoint error", err);
      return res.status(500).json({
        status: "error",
        detail: err instanceof Error ? err.message : String(err),
      });
    }
  });
  router.post("/api/transfer", authMiddleware, async (req, res) =>
    transferController.MidsuitPayment(req, res)
  );
  // Payment status lookup by c_invoice_id (optionally limit by startdate/enddate)
  router.get("/api/va/status", authMiddleware, async (req, res) =>
    transferController.paymentStatus(req, res)
  );
  // Signature generation for testing (uses PRIVATE_KEY_PATH file)
  router.post("/generate-signature", (req, res) =>
    signController.generateSignature(req, res)
  );
  // Signature generation for testing (uses PRIVATE_KEY_PATH file)
  router.post("/generate-signature-bank", (req, res) =>
    signController.generateSignature(req, res)
  );
  // Verify signature using public cert (default: public/mandiri/midsuit.cer)
  router.post("/verify-signature", (req, res) =>
    signController.verifySignature(req, res)
  );
  router.post("/db", (req, res) => dbController.handle(req, res));
  // File uploads (protected)
  router.post(
    "/upload",
    authMiddleware,
    (req, res, next) => singleUploadHandler(req, res, next),
    (req, res) => uploadController.single(req, res)
  );
  router.post(
    "/upload/multiple",
    authMiddleware,
    (req, res, next) => multiUploadHandler(req, res, next),
    (req, res) => uploadController.multiple(req, res)
  );
  // Public access to uploaded files. All paths under /uploads/* are served by preview.
  router.get("/uploads/*", (req, res) => uploadController.preview(req, res));
  router.get("/sequence", async (req, res) => {
    try {
      const seqName = req.query.name as string;
      if (!seqName) {
        return res.status(400).json({ error: "Sequence name is required" });
      }
      const seqValue = await sequence(seqName);
      return res.json({ result: seqValue });
    } catch (err) {
      console.error("Get sequence error", err);
      return res.status(500).json({
        error: "internal error",
        detail: err instanceof Error ? err.message : String(err),
      });
    }
  });
  // versioned API group (/:version)
  const versionRouter = Router({ mergeParams: true });
  versionRouter.post("/transfer-va/inquiry", vaMiddleware, (req, res) =>
    transferController.inquiry(req, res)
  );
  versionRouter.post("/transfer-va/payment", vaMiddleware, (req, res) =>
    paymentVAController.payment(req, res)
  );
  versionRouter.post("/transfer-va/status", vaMiddleware, (req, res) =>
    paymentVAController.status(req, res)
  );
  versionRouter.post("/access-token/b2b", (req, res) =>
    tokenController.b2bAccessToken(req, res)
  );
  versionRouter.post("/utilities/signature-service", (req, res) =>
    tokenController.signatureBank(req, res)
  );
  router.use("/:version", versionRouter);

  // Sync endpoints group
  const syncRouter = Router();
  syncRouter.post("/rv_openitem", (req, res) =>
    SyncController.syncRvOpenitem(req, res)
  );
  router.use("/sync", syncRouter);
  // Add more routes here as needed
  return router;
};