import express, { Application, Request, Response } from 'express';
import cors from 'cors';
import helmet from 'helmet';
import rateLimit from 'express-rate-limit';
import environment from './config/environment';
import logger from './utils/logger';
import { errorHandler, notFoundHandler } from './middleware/error.middleware';

const app: Application = express();

// Trust proxy (required for correct IP detection behind Traefik/Nginx)
app.set('trust proxy', 1);

// Security middleware
app.use(helmet());

// CORS configuration
app.use(cors({
  origin: environment.cors.origin,
  credentials: true,
}));

// Rate limiting - general API routes
const limiter = rateLimit({
  windowMs: environment.rateLimit.windowMs,
  max: environment.rateLimit.max,
  message: 'Too many requests from this IP, please try again later.',
  standardHeaders: true,
  legacyHeaders: false,
});

// Rate limiting - auth routes (more generous to avoid blocking logins)
const authLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 30, // 30 auth attempts per window
  message: 'Zu viele Anmeldeversuche. Bitte versuchen Sie es später erneut.',
  standardHeaders: true,
  legacyHeaders: false,
});

app.use('/api/auth', authLimiter);
app.use('/api', limiter);

// Body parsing middleware
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true, limit: '10mb' }));

// Request logging middleware
app.use((req: Request, _res: Response, next) => {
  logger.info('Incoming request', {
    method: req.method,
    path: req.path,
    ip: req.ip,
  });
  next();
});

// Health check endpoint
app.get('/health', (_req: Request, res: Response) => {
  res.status(200).json({
    status: 'ok',
    timestamp: new Date().toISOString(),
    uptime: process.uptime(),
    environment: environment.nodeEnv,
  });
});

// API routes
import authRoutes      from './routes/auth.routes';
import userRoutes      from './routes/user.routes';
import memberRoutes    from './routes/member.routes';
import adminRoutes     from './routes/admin.routes';
import trainingRoutes  from './routes/training.routes';
import vehicleRoutes   from './routes/vehicle.routes';
import incidentRoutes  from './routes/incident.routes';
import equipmentRoutes from './routes/equipment.routes';
import nextcloudRoutes from './routes/nextcloud.routes';

app.use('/api/auth',      authRoutes);
app.use('/api/user',      userRoutes);
app.use('/api/members',   memberRoutes);
app.use('/api/admin',     adminRoutes);
app.use('/api/training',  trainingRoutes);
app.use('/api/vehicles',  vehicleRoutes);
app.use('/api/incidents', incidentRoutes);
app.use('/api/equipment', equipmentRoutes);
app.use('/api/nextcloud/talk', nextcloudRoutes);

// 404 handler
app.use(notFoundHandler);

// Error handling middleware (must be last)
app.use(errorHandler);

export default app;