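import express from "express";
import cors from "cors";
import helmet from "helmet";
import compression from "compression";
import morgan from "morgan";
import { env } from "./config/env";
import authRoutes from "./routes/auth.routes";
import healthRoutes from "./routes/health.routes";
import dashboardRoutes from "./routes/dashboard.routes";
import resourceRoutes from "./routes/resources.routes";
import billingRoutes from "./routes/billing.routes";
import paymentRoutes from "./routes/payment.routes";
import proxmoxRoutes from "./routes/proxmox.routes";
import settingsRoutes from "./routes/settings.routes";
import operationsRoutes from "./routes/operations.routes";
import provisioningRoutes from "./routes/provisioning.routes";
import backupRoutes from "./routes/backup.routes";
import networkRoutes from "./routes/network.routes";
import monitoringRoutes from "./routes/monitoring.routes";
import clientRoutes from "./routes/client.routes";
import profileRoutes from "./routes/profile.routes";
import adminUsersRoutes from "./routes/admin-users.routes";
import systemRoutes from "./routes/system.routes";
import { errorHandler, notFoundHandler } from "./middleware/error-handler";
import { createRateLimit } from "./middleware/rate-limit";

/**
 * Builds the Express application: security and parsing middleware first,
 * then rate limiting on `/api`, then the route modules, and finally the
 * not-found and error handlers.
 *
 * @returns The configured Express app; the caller is responsible for
 *          binding it to a port.
 */
export function createApp() {
  const app = express();

  // Trust exactly one proxy hop, so `req.ip` is taken from X-Forwarded-For.
  // NOTE(review): `req.ip` feeds the auth rate-limit key below. This is only
  // sound when the app sits behind exactly one reverse proxy that overwrites
  // the header; confirm against the deployment.
  app.set("trust proxy", 1);

  const globalRateLimit = createRateLimit({
    windowMs: env.RATE_LIMIT_WINDOW_MS,
    max: env.RATE_LIMIT_MAX
  });

  // Stricter limiter for the credential endpoints, bucketed per (IP, email).
  // NOTE(review): every distinct email opens a fresh bucket, so attempts spread
  // across many accounts from one address are bounded only by globalRateLimit.
  // Requests without a string `email` in the body share the bucket `${req.ip}:`.
  // Consider an additional IP-only auth limit.
  const authRateLimit = createRateLimit({
    windowMs: env.AUTH_RATE_LIMIT_WINDOW_MS,
    max: env.AUTH_RATE_LIMIT_MAX,
    keyGenerator: (req) => {
      const email =
        typeof req.body?.email === "string"
          ? req.body.email.toLowerCase().trim()
          : "";
      return `${req.ip}:${email}`;
    }
  });

  // CORS policy.
  // Fix: the previous configuration mapped CORS_ORIGIN="*" to `origin: true`,
  // which makes the cors middleware echo back whatever Origin the request
  // carries, and combined that with `credentials: true`. Any website could
  // then issue credentialed cross-origin requests and read the responses.
  // Wildcard mode now answers with a literal `*` and does not allow
  // credentials; an explicit comma-separated allow-list keeps credentials on.
  const allowAnyOrigin = env.CORS_ORIGIN === "*";
  const allowedOrigins = env.CORS_ORIGIN.split(",")
    .map((item: string) => item.trim())
    // Drop empty entries left by stray or trailing commas.
    .filter((item: string) => item.length > 0);

  app.use(
    cors({
      origin: allowAnyOrigin ? "*" : allowedOrigins,
      credentials: !allowAnyOrigin
    })
  );

  app.use(helmet());
  app.use(compression());

  app.use(
    express.json({
      limit: "2mb",
      // Keep the exact request bytes as a UTF-8 string alongside the parsed
      // body. NOTE(review): presumably used for signature checks on incoming
      // webhooks; confirm which routes read `rawBody`.
      verify: (req, _res, buffer) => {
        const request = req as express.Request;
        request.rawBody = buffer.toString("utf8");
      }
    })
  );

  app.use(morgan("dev"));

  // Limiters are mounted after the JSON parser because the auth key generator
  // reads `req.body.email`.
  app.use("/api", globalRateLimit);
  app.use("/api/auth/login", authRateLimit);
  app.use("/api/auth/refresh", authRateLimit);

  // Unauthenticated service banner.
  app.get("/", (_req, res) => {
    res.json({
      name: "ProxPanel API",
      version: "1.0.0",
      docs: "/api/health"
    });
  });

  app.use("/api/health", healthRoutes);
  app.use("/api/auth", authRoutes);
  app.use("/api/dashboard", dashboardRoutes);
  app.use("/api/resources", resourceRoutes);
  app.use("/api/billing", billingRoutes);
  app.use("/api/payments", paymentRoutes);
  app.use("/api/proxmox", proxmoxRoutes);
  app.use("/api/settings", settingsRoutes);
  app.use("/api/operations", operationsRoutes);
  app.use("/api/provisioning", provisioningRoutes);
  app.use("/api/backups", backupRoutes);
  app.use("/api/network", networkRoutes);
  app.use("/api/monitoring", monitoringRoutes);
  app.use("/api/client", clientRoutes);
  app.use("/api/profile", profileRoutes);
  app.use("/api/admin", adminUsersRoutes);
  app.use("/api/system", systemRoutes);

  // Must stay last: anything unmatched falls through to the 404 handler, and
  // errors raised by earlier middleware reach the error handler.
  app.use(notFoundHandler);
  app.use(errorHandler);

  return app;
}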