package routes

import (
	"github.com/gin-gonic/gin"
	"hr_receiver/controllers"
	"hr_receiver/middleware"
	"net/http"
)

func SetupRouter() *gin.Engine {
	jwtService := middleware.NewJWTService(middleware.ApiSecret, middleware.TokenExp)
	r := gin.Default()
	r.Use(middleware.GzipMiddleware())
	trainingController := controllers.NewTrainingController()
	stepTrainController := controllers.NewStepTrainingController()
	lessonPlanController := controllers.NewLessonPlanController()
	kindergartenAdminController := controllers.NewKindergartenAdminController()
	projectTypeAdminController := controllers.NewProjectTypeAdminController()
	productDefinitionAdminController := controllers.NewProductDefinitionAdminController()
	productPrototypeAdminController := controllers.NewProductPrototypeAdminController()
	projectProductTemplateAdminController := controllers.NewProjectProductTemplateAdminController()
	productInventoryAdminController := controllers.NewProductInventoryAdminController()
	productSuiteAdminController := controllers.NewProductSuiteAdminController()
	userAdminController := controllers.NewUserAdminController()
	gatewayController := controllers.NewGatewayAdminController()
	systemDebugController := controllers.NewSystemDebugController()
	statisticsController := controllers.NewStatisticsController()
	deviceTokenHandler := func(c *gin.Context) {
		clientSecret := c.GetHeader("X-API-Key")
		if clientSecret != middleware.ApiSecret {
			c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid secret"})
			return
		}

		token, err := jwtService.GenerateToken()
		if err != nil {
			c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate token"})
			return
		}

		c.JSON(http.StatusOK, gin.H{
			"token":     token,
			"tokenType": "device",
		})
	}

	r.GET("/auth/token", deviceTokenHandler)

	v1 := r.Group("/api/v1")
	{
		records := v1.Group("/train-records") //.Use(middleware.AuthMiddleware())
		{
			records.POST("", trainingController.CreateTrainingRecord)
			records.GET("/analysis", trainingController.HandleCurveAnalysis)
			records.POST("/analysis-by-ai", trainingController.AnalyzeByAI)
			// 可扩展其他路由：GET, PUT, DELETE等
		}
		steps := v1.Group("/step").Use(middleware.JWTAuth(), middleware.RequireStepTrainingAccess())
		{
			steps.POST("", stepTrainController.CreateTrainingRecord)
			steps.GET("train-records", stepTrainController.GetTrainingRecords)
			steps.GET("train-data/:trainId", stepTrainController.GetTrainingRecordByTrainId)
			steps.GET("train-rank/:trainId", stepTrainController.GetTrainingRank)
			// 可扩展其他路由：GET, PUT, DELETE等
		}
		lessonPlans := v1.Group("/lesson-plans").Use(middleware.JWTAuth())
		{
			lessonPlans.POST("/upload", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.Upload)
			lessonPlans.GET("", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.List)
			lessonPlans.GET("/page", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.Page)
			lessonPlans.GET("/:id/download", lessonPlanController.Download)
			lessonPlans.POST("/:id/share-code", lessonPlanController.GenerateShareCode)
			lessonPlans.DELETE("/:id", lessonPlanController.Delete)
		}
		admin := v1.Group("/admin").Use(middleware.JWTAuth(), middleware.RequireSuperAdmin())
		{
			admin.GET("/kindergartens", kindergartenAdminController.List)
			admin.POST("/kindergartens", kindergartenAdminController.Create)
			admin.PUT("/kindergartens/:id", kindergartenAdminController.Update)
			admin.DELETE("/kindergartens/:id", kindergartenAdminController.Delete)

			admin.GET("/project-types", projectTypeAdminController.List)
			admin.POST("/project-types", projectTypeAdminController.Create)
			admin.PUT("/project-types/:id", projectTypeAdminController.Update)
			admin.DELETE("/project-types/:id", projectTypeAdminController.Delete)

			admin.GET("/product-definitions", productDefinitionAdminController.List)
			admin.POST("/product-definitions", productDefinitionAdminController.Create)
			admin.PUT("/product-definitions/:id", productDefinitionAdminController.Update)
			admin.DELETE("/product-definitions/:id", productDefinitionAdminController.Delete)

			admin.GET("/product-prototypes", productPrototypeAdminController.List)
			admin.POST("/product-prototypes", productPrototypeAdminController.Create)
			admin.PUT("/product-prototypes/:id", productPrototypeAdminController.Update)
			admin.DELETE("/product-prototypes/:id", productPrototypeAdminController.Delete)

			admin.GET("/project-product-templates", projectProductTemplateAdminController.List)

			admin.GET("/product-inventories", productInventoryAdminController.List)
			admin.POST("/product-inventories", productInventoryAdminController.Create)
			admin.PUT("/product-inventories/:id", productInventoryAdminController.Update)
			admin.DELETE("/product-inventories/:id", productInventoryAdminController.Delete)

			admin.GET("/product-suites", productSuiteAdminController.List)
			admin.POST("/product-suites", productSuiteAdminController.Create)
			admin.PUT("/product-suites/:id", productSuiteAdminController.Update)
			admin.DELETE("/product-suites/:id", productSuiteAdminController.Delete)

			admin.GET("/users", userAdminController.List)
			admin.POST("/users", userAdminController.Create)
			admin.PUT("/users/:id", userAdminController.Update)
			admin.DELETE("/users/:id", userAdminController.Delete)

			admin.GET("/gateways", gatewayController.List)
			admin.POST("/gateways", gatewayController.Create)
			admin.PUT("/gateways/:id", gatewayController.Update)
			admin.DELETE("/gateways/:id", gatewayController.Delete)

			admin.GET("/system-debug/mqtt/status", systemDebugController.MqttStatus)
			admin.POST("/system-debug/mqtt/start", systemDebugController.StartMqtt)
			admin.POST("/system-debug/mqtt/stop", systemDebugController.StopMqtt)

			admin.GET("/statistics/ai-analysis-records", statisticsController.ListAIAnalysisRecords)
			admin.GET("/statistics/ai-analysis-records/:id/pdf", statisticsController.DownloadAIAnalysisRecordPDF)
			admin.DELETE("/statistics/ai-analysis-records/:id", statisticsController.DeleteAIAnalysisRecord)
			admin.GET("/statistics/ai-analysis", statisticsController.StatisticsByRegion)
			admin.GET("/statistics/ai-analysis-timeline", statisticsController.TimelineStatistics)
			admin.GET("/statistics/mqtt-training-sessions", statisticsController.TrainingSessionStatisticsByRegion)
		}

		v1.GET("/admin/system-debug/mqtt/ws", systemDebugController.MqttWebSocket)
		v1.GET("/lesson-plans/share/:code/download", lessonPlanController.DownloadByShareCode)
		public := v1.Group("")
		{
			public.POST("/register", controllers.Register)
			public.POST("/login", controllers.Login)
		}
		v1.GET("/gateways", middleware.JWTAuth(), middleware.RequireOperatorOrHigher(), gatewayController.List)
		v1.GET("/gateways/by-mac", middleware.JWTAuth(), middleware.RequireOperatorOrHigher(), gatewayController.GetByMACForUser)

		auth := v1.Group("/auth")
		{
			auth.GET("/token", deviceTokenHandler)
		}
	}
	return r
}