defmodule ComponentsElixirWeb.Router do
  use ComponentsElixirWeb, :router

  pipeline :browser do
    plug :accepts, ["html"]
    plug :fetch_session
    plug :fetch_live_flash
    plug :put_root_layout, html: {ComponentsElixirWeb.Layouts, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
  end

  pipeline :authenticated do
    plug ComponentsElixirWeb.AuthPlug
  end

  pipeline :api do
    plug :accepts, ["json"]
  end

  scope "/", ComponentsElixirWeb do
    pipe_through :browser

    live "/login", LoginLive, :index
    get "/login/authenticate", AuthController, :authenticate
    post "/logout", AuthController, :logout

    # File serving endpoint
    get "/uploads/images/:filename", FileController, :show
  end

  scope "/", ComponentsElixirWeb do
    pipe_through [:browser, :authenticated]

    live "/", ComponentsLive, :index
    live "/categories", CategoriesLive, :index
    live "/storage_locations", StorageLocationsLive, :index
    live "/storage_locations/new", StorageLocationsLive, :new
    live "/storage_locations/:id/edit", StorageLocationsLive, :edit
  end

  # Other scopes may use custom stacks.
  # scope "/api", ComponentsElixirWeb do
  #   pipe_through :api
  # end

  # Enable LiveDashboard and Swoosh mailbox preview in development
  if Application.compile_env(:components_elixir, :dev_routes) do
    # If you want to use the LiveDashboard in production, you should put
    # it behind authentication and allow only admins to access it.
    # If your application does not have an admins-only section yet,
    # you can use Plug.BasicAuth to set up some basic authentication
    # as long as you are also using SSL (which you should anyway).
    import Phoenix.LiveDashboard.Router

    scope "/dev" do
      pipe_through :browser

      live_dashboard "/dashboard", metrics: ComponentsElixirWeb.Telemetry
      forward "/mailbox", Plug.Swoosh.MailboxPreview
    end
  end
end