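// Command main wires configuration, the database, the security middleware
// chain and the HTTP routes of the portal, then serves them with Gin.
package main

import (
	"errors"
	"log"
	"net/http"
	"os"
	"time"

	"github.com/gin-gonic/gin"
	"github.com/joho/godotenv"

	"mohportal/config"
	"mohportal/db"
	"mohportal/handlers"
	"mohportal/middleware"
	"mohportal/security"
)

const (
	// defaultPort is used when the PORT environment variable is unset or empty.
	defaultPort = "17000"

	// readHeaderTimeout bounds how long a client may take to send its request
	// headers; idleTimeout bounds how long a keep-alive connection may sit idle.
	readHeaderTimeout = 10 * time.Second
	idleTimeout       = 120 * time.Second
)

// init loads variables from a .env file into the process environment on a
// best-effort basis; the process continues either way.
func init() {
	err := godotenv.Load()
	switch {
	case err == nil:
		// Loaded.
	case errors.Is(err, os.ErrNotExist):
		log.Println("No .env file found")
	default:
		// A .env file that exists but cannot be read or parsed is a different
		// condition from a missing one and should not be reported as "not
		// found". The error text is deliberately not logged: parser errors may
		// quote parts of the file, which can contain secrets.
		log.Println("Found a .env file but could not load it; continuing with the process environment")
	}
}

// main builds the router, attaches the global middleware and routes, and
// blocks serving HTTP until the server fails.
func main() {
	cfg := config.LoadConfig()

	db.ConnectDatabase(cfg.DatabaseURL)

	middleware.InitAuthMiddleware(cfg)

	// NOTE(review): nothing in this file checks that cfg.JWTSecret is set.
	// Confirm that config.LoadConfig rejects an empty or placeholder secret.
	secConfig := security.DefaultSecurityConfig()
	secConfig.JWTSecret = cfg.JWTSecret

	// NOTE(review): gin.Default() trusts forwarding headers from every peer
	// unless SetTrustedProxies is called, so a client can influence what
	// c.ClientIP() returns. If the audit log or any rate limiting records the
	// client IP, restrict trusted proxies to the deployment's real proxy set.
	router := gin.Default()

	// Global middleware: runs for every route registered below.
	router.Use(security.SecurityMiddleware(secConfig))
	router.Use(security.AuditLogMiddleware())
	router.Use(security.GDPRComplianceMiddleware())
	router.Use(security.DataResidencyMiddleware())
	router.Use(security.PCIComplianceMiddleware())
	router.Use(security.SocComplianceMiddleware())
	router.Use(security.FedRAMPComplianceMiddleware())

	// CSP violation reports are posted by browsers, so this endpoint cannot
	// require a session. NOTE(review): confirm the handler bounds body size.
	router.POST("/csp-report", security.CSPReportHandler)

	router.GET("/health", handlers.HealthCheck)

	registerAPIRoutes(router)

	// Static assets, with the single-page frontend as the fallback for any
	// path that matches no route.
	router.Static("/static", "./static")
	router.NoRoute(func(c *gin.Context) {
		c.File("./static/index.html")
	})

	port := os.Getenv("PORT")
	if port == "" {
		port = defaultPort
	}

	// router.Run serves through http.ListenAndServe, which sets no timeouts: a
	// client that never finishes sending its headers keeps a connection open
	// indefinitely. An explicit http.Server bounds the header read and idle
	// keep-alive time. ReadTimeout and WriteTimeout are left unset because they
	// would also cap the duration of request and response bodies.
	// NOTE(review): choose body timeouts to fit the resume upload path.
	srv := &http.Server{
		Addr:              ":" + port,
		Handler:           router,
		ReadHeaderTimeout: readHeaderTimeout,
		IdleTimeout:       idleTimeout,
	}

	log.Printf("Server starting on port %s", port)
	log.Fatal(srv.ListenAndServe())
}

// registerAPIRoutes attaches every /api/v1 route to router.
//
// NOTE(review): no authentication or authorization middleware is attached to
// any group here; InitAuthMiddleware is only initialised in main. Unless each
// handler enforces access control itself, the tenant, position, application
// and resume endpoints (including PUT and DELETE, and lookups by :id) are
// reachable without a session. Confirm, and attach the project's auth
// middleware per group so the login, register and OIDC/social callback routes
// stay public while everything else requires an authenticated caller.
func registerAPIRoutes(router *gin.Engine) {
	api := router.Group("/api/v1")

	tenants := api.Group("/tenants")
	tenants.POST("/", handlers.CreateTenant)
	tenants.GET("/", handlers.GetTenants)
	tenants.GET("/:id", handlers.GetTenant)
	tenants.PUT("/:id", handlers.UpdateTenant)
	tenants.DELETE("/:id", handlers.DeleteTenant)

	auth := api.Group("/auth")
	auth.POST("/login", handlers.Login)
	auth.POST("/register", handlers.Register)
	auth.POST("/logout", handlers.Logout)
	auth.GET("/profile", handlers.Profile)
	auth.GET("/oidc/login", handlers.OIDCLogin)
	auth.GET("/oidc/callback", handlers.OIDCCallback)
	auth.GET("/social/login/:provider", handlers.SocialLogin)
	auth.GET("/social/callback/:provider", handlers.SocialCallback)

	positions := api.Group("/positions")
	positions.GET("/", handlers.GetPositions)
	positions.GET("/:id", handlers.GetPosition)
	positions.POST("/", handlers.CreatePosition)
	positions.PUT("/:id", handlers.UpdatePosition)
	positions.DELETE("/:id", handlers.DeletePosition)

	applications := api.Group("/applications")
	applications.GET("/", handlers.GetApplications)
	applications.POST("/", handlers.CreateApplication)
	applications.GET("/:id", handlers.GetApplication)
	applications.PUT("/:id", handlers.UpdateApplication)
	applications.DELETE("/:id", handlers.DeleteApplication)

	resumes := api.Group("/resumes")
	resumes.POST("/", handlers.UploadResume)
	resumes.GET("/:id", handlers.GetResume)
}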