use std::sync::Arc;

use axum::{
    Router,
    routing::{delete, get, post, put},
};

use crate::AppState;

use super::{auth_middleware, handlers, static_files};

pub fn admin_routes(state: Arc<AppState>) -> Router<Arc<AppState>> {
    // Public routes (no authentication required)
    let public_routes = Router::new().route("/api/login", post(handlers::login));

    // Protected API routes (require authentication)
    let protected_routes = Router::new()
        .route("/api/password", put(handlers::change_password))
        .route("/api/rules", get(handlers::list_rules))
        .route("/api/rules", post(handlers::create_rule))
        .route("/api/rules/{:id}", put(handlers::update_rule))
        .route("/api/rules/{:id}", delete(handlers::delete_rule))
        .route("/api/commands", get(handlers::list_commands))
        .route("/api/commands/{:id}", post(handlers::verify_command))
        .route("/api/config", get(handlers::get_config))
        .route("/api/config", put(handlers::update_config))
        .route("/api/logs", get(handlers::list_logs))
        .layer(axum::middleware::from_fn_with_state(
            state,
            auth_middleware::auth_middleware,
        ));

    // Combine routes
    Router::new()
        .merge(public_routes)
        .merge(protected_routes)
        // Static files (frontend)
        .fallback(static_files::serve_static)
}