/**
 * @ai-summary Fastify routes for auth API
 * @ai-context Route definitions with Zod validation and authentication
 */

import { FastifyInstance, FastifyPluginOptions } from 'fastify';
import { FastifyPluginAsync } from 'fastify';
import { AuthController } from './auth.controller';

export const authRoutes: FastifyPluginAsync = async (
  fastify: FastifyInstance,
  _opts: FastifyPluginOptions
) => {
  const authController = new AuthController();

  // POST /api/auth/signup - Create new user (public, no JWT required)
  fastify.post('/auth/signup', authController.signup.bind(authController));

  // GET /api/auth/verify-status - Check verification status (requires JWT)
  fastify.get('/auth/verify-status', {
    preHandler: [fastify.authenticate],
    handler: authController.getVerifyStatus.bind(authController),
  });

  // POST /api/auth/resend-verification - Resend verification email (requires JWT)
  fastify.post('/auth/resend-verification', {
    preHandler: [fastify.authenticate],
    handler: authController.resendVerification.bind(authController),
  });

  // POST /api/auth/resend-verification-public - Resend verification by email (public, no JWT)
  fastify.post('/auth/resend-verification-public', authController.resendVerificationPublic.bind(authController));

  // GET /api/auth/user-status - Get user status for routing (requires JWT, verification exempt)
  fastify.get('/auth/user-status', {
    preHandler: [fastify.authenticate],
    handler: authController.getUserStatus.bind(authController),
  });

  // GET /api/auth/security-status - Get security status (requires JWT)
  fastify.get('/auth/security-status', {
    preHandler: [fastify.authenticate],
    handler: authController.getSecurityStatus.bind(authController),
  });

  // POST /api/auth/request-password-reset - Request password reset email (requires JWT)
  fastify.post('/auth/request-password-reset', {
    preHandler: [fastify.authenticate],
    handler: authController.requestPasswordReset.bind(authController),
  });

  // POST /api/auth/track-logout - Track logout event for audit (requires JWT)
  fastify.post('/auth/track-logout', {
    preHandler: [fastify.authenticate],
    handler: authController.trackLogout.bind(authController),
  });
};