package ginserver

import (
	"net/http"
	"nos-comptes/handler"
	"nos-comptes/internal/account"
	"nos-comptes/internal/expense"
	sharedaccount "nos-comptes/internal/shared-account"
	"nos-comptes/internal/storage/dao/postgresql"
	"nos-comptes/internal/user"
	"nos-comptes/middleware"
	"time"

	"github.com/gin-gonic/gin"

	"github.com/gin-contrib/cors"
)

func NewRouter(config *handler.Config) *gin.Engine {
	gin.SetMode(gin.ReleaseMode)

	router := gin.New()
	router.HandleMethodNotAllowed = true

	router.Use(cors.New(cors.Config{
		AllowOrigins:     []string{"http://localhost:8080/", "http://localhost:8080"},
		AllowMethods:     []string{"*"},
		AllowHeaders:     []string{"*"},
		ExposeHeaders:    []string{"*"},
		AllowCredentials: true,
		MaxAge:           12 * time.Hour,
	}))
	router.Use(gin.Recovery())
	router.Use(GetLoggerMiddleware())
	router.Use(GetHTTPLoggerMiddleware())

	db := postgresql.NewDatabasePostgreSQL(config.DBConnectionURI)
	hc := handler.NewContext()
	uh := user.NewHandler(hc, db)
	ah := account.NewHandler(hc, db)
	sah := sharedaccount.NewHandler(hc, db)
	eh := expense.NewHandler(hc, db)

	public := router.Group("/")
	public.Handle(http.MethodGet, "/_health", hc.GetHealth)

	userRoute := public.Group("/users")
	userRoute.Handle("GET", "", uh.ConnectUser)
	userRoute.Handle(http.MethodPost, "", uh.CreateUser)

	securedUserRoute := userRoute.Group("")
	securedUserRoute.Use(middleware.ValidateOAuthToken)
	//TODO add secure auth
	securedUserRoute.Handle(http.MethodGet, "/:userId", uh.GetUser)

	//account route
	securedUserRoute.Handle(http.MethodGet, "/:userId/accounts", ah.GetAllAccountOfUser)
	securedUserRoute.Handle(http.MethodPost, "/:userId/accounts", ah.CreateAccountOfUser)
	securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId", ah.DeleteAccountOfUser)
	securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId", ah.GetSpecificAccountOfUser)

	//shared route
	securedUserRoute.Handle(http.MethodPost, "/:userId/sharedaccounts/:accountId", sah.ShareAnAccount)
	securedUserRoute.Handle(http.MethodDelete, "/:userId/sharedaccounts/:accountId", sah.DeleteSharedAccount)
	securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts", sah.GetAllSharedAccountOfUser)
	securedUserRoute.Handle(http.MethodGet, "/:userId/sharedaccounts/:sharedAccountId", sah.GetSpecificSharedAccountOfUser)

	securedUserRoute.Handle(http.MethodPost, "/:userId/accounts/:accountId/expenses", eh.CreateAnExpense)
	securedUserRoute.Handle(http.MethodDelete, "/:userId/accounts/:accountId/expenses/:expenseId", eh.DeleteExpense)
	securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses", eh.GetAllExpenses)
	securedUserRoute.Handle(http.MethodGet, "/:userId/accounts/:accountId/expenses/:expenseId", eh.GetAnExpenses)
	return router
}