package main

import (
	"net/http"
	"expvar"
	"github.com/julienschmidt/httprouter"
)

func (app *application) routes() http.Handler {

	router := httprouter.New()

	router.NotFound = http.HandlerFunc(app.notFoundResponse)
	router.MethodNotAllowed = http.HandlerFunc(app.methodNotAllowedResponse)

	fileServer := http.FileServer(http.Dir("ui/static"))

	router.HandlerFunc(http.MethodGet,    "/", home)
	router.HandlerFunc(http.MethodGet,    "/ws", ws)
	router.Handler    (http.MethodGet,    "/static/", http.StripPrefix("/static", fileServer))
	router.HandlerFunc(http.MethodGet,    "/v1/healthcheck", app.healthcheckHandler)
	
	router.HandlerFunc(http.MethodGet,    "/v1/issues", app.requirePermission("issues:read", app.listIssuesHandler))

	router.HandlerFunc(http.MethodPost,   "/v1/issues",     app.requirePermission("issues:write", app.createIssueHandler))
	router.HandlerFunc(http.MethodGet,    "/v1/issues/:id", app.requirePermission("issues:read", app.readIssueHandler))
	router.HandlerFunc(http.MethodPatch,  "/v1/issues/:id", app.requirePermission("issues:write", app.updateIssueHandler))
	router.HandlerFunc(http.MethodDelete, "/v1/issues/:id", app.requirePermission("issues:write", app.deleteIssueHandler))

	router.HandlerFunc(http.MethodGet,    "/v1/issues/:id/pubkey", app.requirePermission("issues:read", app.readIssuePubKeyHandler))
	router.HandlerFunc(http.MethodPost,   "/v1/issues/:id/blind-sign", app.requirePermission("issues:read", app.blindSignIssueVoteHandler))

	router.HandlerFunc(http.MethodPost,   "/v1/users",     app.createUserHandler)
	// router.HandlerFunc(http.MethodGet,   "/v1/users/:id", app.readUserHandler)
	// router.HandlerFunc(http.MethodPatch, "/v1/users/:id", app.updateUserHandler)
	router.HandlerFunc(http.MethodDelete, "/v1/users/:id", app.deleteUserHandler)
	router.HandlerFunc(http.MethodPut,    "/v1/users/activated", app.activateUserHandler)

	router.HandlerFunc(http.MethodPost,   "/v1/tokens/authentication", app.createAuthenticationTokenHandler)

	router.Handler    (http.MethodGet, "/debug/vars", expvar.Handler())

	return app.metrics(app.recoverPanic(app.enableCORS(app.rateLimit(app.authenticate(router)))))
}