import { Router } from "express";
import { deleteVehicle } from "../controllers/vehicleController";
import { checkAuth } from "../middleware/checkAuth";
import { changePasswordUser, viewUserProfile } from "../controllers/authController";
import {
  connectWalletStripe,
  refreshWalletStripeStatus,
  walletStripeConnectReturnPage,
  walletStripeConnectRefreshPage,
  createWalletTopUpIntent,
  reconcileWalletTopUp,
} from "../controllers/walletController";

const router = Router();

/** Stripe Connect callbacks — same handlers as /wallet/stripe/* */
router.get("/stripe/return", walletStripeConnectReturnPage);
router.get("/stripe/refresh", walletStripeConnectRefreshPage);

/**
 * GET /api/v1/user/viewUserProfile
 *
 * Returns the authenticated user's profile (Stripe Connect flags + derived
 * `stripeStatus`). The mobile app calls this after returning from the Stripe
 * hosted onboarding to refresh local state.
 */
router.get("/viewUserProfile", checkAuth, viewUserProfile);

/**
 * POST /api/v1/user/changePassword
 * Mobile reset after verify-otp: Bearer JWT + { password, confirm_password } only.
 */
router.post("/changePassword", checkAuth, changePasswordUser);

router.post("/connect-stripe", checkAuth, connectWalletStripe);
router.post("/refresh-stripe-status", checkAuth, refreshWalletStripeStatus);
router.post("/wallet/top-up/intent", checkAuth, createWalletTopUpIntent);
router.post("/wallet/top-up/reconcile", checkAuth, reconcileWalletTopUp);

/**
 * DELETE /api/v1/user/car/:id/delete
 * Alias for mobile/web clients (same as DELETE /api/v1/vehicles/:id)
 */
router.delete("/car/:id/delete", checkAuth, deleteVehicle);

export default router;

/**
 * @swagger
 * tags:
 *   name: User
 *   description: |
 *     Authenticated app user routes. **Stripe Connect** for simple users: **POST** `/user/connect-stripe`
 *     with **returnUrl** / **refreshUrl** pointing at **GET** `/user/stripe/return` and `/user/stripe/refresh`.
 *     **POST** `/user/wallet/top-up/intent` aliases **POST** `/wallet/top-up/intent` (PaymentIntent top-up).
 *     **POST** `/user/wallet/top-up/reconcile` aliases **POST** `/wallet/top-up/reconcile` (sync balance if webhook missed).
 */

/**
 * @swagger
 * /api/v1/user/connect-stripe:
 *   post:
 *     summary: Stripe Connect onboarding (Express) — app user payouts
 *     tags: [User]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - returnUrl
 *               - refreshUrl
 *             properties:
 *               returnUrl:
 *                 type: string
 *                 format: uri
 *                 description: e.g. GET /api/v1/user/stripe/return (API appends uid)
 *               refreshUrl:
 *                 type: string
 *                 format: uri
 *                 description: e.g. GET /api/v1/user/stripe/refresh
 *     responses:
 *       200:
 *         description: data.url, data.stripeAccountId
 *       401:
 *         description: Unauthorized
 */

/**
 * @swagger
 * /api/v1/user/viewUserProfile:
 *   get:
 *     summary: Get authenticated user's profile (with Stripe Connect status)
 *     tags: [User]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: |
 *           User profile (no password). Includes `stripeConnected`,
 *           `stripeChargesEnabled`, `stripeDetailsSubmitted`, plus a derived
 *           `stripeStatus` of `"active" | "pending" | "connect_required"`.
 *       401:
 *         description: Unauthorized (missing/invalid Bearer token)
 *       404:
 *         description: User not found
 */

/**
 * @swagger
 * /api/v1/user/refresh-stripe-status:
 *   post:
 *     summary: Sync Connect status after onboarding (Bearer)
 *     tags: [User]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: stripeConnected, stripeStatus, etc.
 */

/**
 * @swagger
 * /api/v1/user/stripe/return:
 *   get:
 *     summary: Stripe Connect return callback (public HTML)
 *     tags: [User]
 *     parameters:
 *       - in: query
 *         name: uid
 *         required: true
 *         schema:
 *           type: string
 */

/**
 * @swagger
 * /api/v1/user/stripe/refresh:
 *   get:
 *     summary: Stripe Connect refresh callback (public HTML)
 *     tags: [User]
 *     parameters:
 *       - in: query
 *         name: uid
 *         required: true
 *         schema:
 *           type: string
 */

/**
 * @swagger
 * /api/v1/user/wallet/top-up/intent:
 *   post:
 *     summary: Create PaymentIntent for wallet top-up (same as POST /wallet/top-up/intent)
 *     tags: [User, Wallet]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - amountCents
 *             properties:
 *               amountCents:
 *                 type: integer
 *               currency:
 *                 type: string
 *               paymentMethodId:
 *                 type: string
 *     responses:
 *       200:
 *         description: clientSecret, paymentIntentId, publishableKey, stripeCustomerId
 */