defmodule MyFirstElixirVibeCodeWeb.Router do
  use MyFirstElixirVibeCodeWeb, :router

  alias MyFirstElixirVibeCodeWeb.UserAuth

  pipeline :browser do
    plug :accepts, ["html"]
    plug :fetch_session
    plug :fetch_live_flash
    plug :put_root_layout, html: {MyFirstElixirVibeCodeWeb.Layouts, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
    plug UserAuth, :fetch_current_user
  end

  pipeline :api do
    plug :accepts, ["json"]
  end

  pipeline :guest_only do
    plug UserAuth, :redirect_if_user_is_authenticated
  end

  pipeline :auth_required do
    plug UserAuth, :require_authenticated_user
  end

  pipeline :admin_only do
    plug UserAuth, :require_admin_user
  end

  scope "/", MyFirstElixirVibeCodeWeb do
    pipe_through :browser

    get "/", PageController, :home

    live "/contractor/register", ContractorRegistrationLive
    live "/contact", ContactLive

    live "/reviews", ReviewLive.Index, :index
    live "/reviews/new", ReviewLive.Form, :new
    live "/reviews/:id", ReviewLive.Show, :show
    live "/reviews/:id/edit", ReviewLive.Form, :edit
  end

  ## Authentication routes
  scope "/", MyFirstElixirVibeCodeWeb do
    pipe_through [:browser, :guest_only]

    live_session :redirect_if_user_is_authenticated,
      on_mount: [{MyFirstElixirVibeCodeWeb.UserAuth, :redirect_if_user_is_authenticated}] do
      live "/register", UserRegistrationLive, :new
      live "/login", UserLoginLive, :new
      live "/admin/login", AdminLoginLive, :new
    end

    post "/login", UserSessionController, :create
    post "/admin/login", UserSessionController, :create_admin
  end

  scope "/", MyFirstElixirVibeCodeWeb do
    pipe_through [:browser, :auth_required]

    delete "/logout", UserSessionController, :delete
  end

  ## Admin routes
  scope "/admin", MyFirstElixirVibeCodeWeb do
    pipe_through [:browser, :auth_required, :admin_only]

    live_session :require_admin_user,
      on_mount: [{MyFirstElixirVibeCodeWeb.UserAuth, :ensure_authenticated}] do
      live "/dashboard", AdminDashboardLive
    end
  end

  # Other scopes may use custom stacks.
  # scope "/api", MyFirstElixirVibeCodeWeb do
  #   pipe_through :api
  # end

  # Enable LiveDashboard and Swoosh mailbox preview in development
  if Application.compile_env(:my_first_elixir_vibe_code, :dev_routes) do
    # If you want to use the LiveDashboard in production, you should put
    # it behind authentication and allow only admins to access it.
    # If your application does not have an admins-only section yet,
    # you can use Plug.BasicAuth to set up some basic authentication
    # as long as you are also using SSL (which you should anyway).
    import Phoenix.LiveDashboard.Router

    scope "/dev" do
      pipe_through :browser

      live_dashboard "/dashboard", metrics: MyFirstElixirVibeCodeWeb.Telemetry
      forward "/mailbox", Plug.Swoosh.MailboxPreview
    end
  end
end