import express from "express";
import cors from "cors";
import cookieParser from "cookie-parser";
import session from "express-session";
import passport, { initializePassport } from "./services/passportService.js";
import router from "./routes/auth.js";
import applicantRoute from "./routes/applicant.js";
import validatorRoute from "./routes/validator.js";
import generalRoute from "./routes/general.js";
import {
  verifyApplicantToken,
  verifyToken,
  verifyValidatorToken,
} from "./middleware/verifyJwt.js";

// Initialize passport strategies after environment variables are loaded
initializePassport();

const app = express();

// Middleware setup
app.use(cookieParser());
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(
  cors({
    origin: process.env.FRONTEND_URL || "http://localhost:5173",
    credentials: true,
  }),
);

// Session middleware (required for Passport)
app.use(
  session({
    secret:
      process.env.SESSION_SECRET || "your-secret-key-change-this-in-production",
    resave: false,
    saveUninitialized: false,
    cookie: {
      secure: process.env.NODE_ENV === "production",
      httpOnly: true,
      maxAge: 24 * 60 * 60 * 1000, // 24 hours
    },
  }),
);

// Initialize Passport
app.use(passport.initialize());
app.use(passport.session());

// Route-specific middleware and routes
app.use("/applicant", verifyApplicantToken, applicantRoute);
app.use("/validator", verifyValidatorToken, validatorRoute);
app.use("/general", verifyToken, generalRoute);

// Authentication routes
app.use(router);

export default app;