<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\PersonController;
use App\Http\Controllers\AuthController;
use App\Http\Controllers\HistoricalSearchController;
use App\Http\Controllers\DashboardController;
use App\Http\Controllers\ActivityLogController;

Route::post('/login', [AuthController::class, 'login'])->name('login');
Route::post('/register', [AuthController::class, 'register'])->name('register');


Route::prefix('historical')->group(function () {
    Route::get('search', [HistoricalSearchController::class, 'search']);
    Route::get('record/{id}', [HistoricalSearchController::class, 'getRecord']);
});

// Protected routes - require Sanctum authentication
Route::middleware('auth:sanctum')->group(function () {
    // User authentication routes
    Route::get('/user', [AuthController::class, 'me'])->name('user.profile');
    Route::post('/logout', [AuthController::class, 'logout'])->name('logout');
    Route::get('/dashboard/stats', [DashboardController::class, 'getStats']);
    // Admin-only routes
    // Route::middleware('ability:admin')->group(function () {
    //     Route::post('/register', [AuthController::class, 'register'])->name('register');
    // });

    Route::get('/persons/search', [PersonController::class, 'search']);
    Route::get('/persons/{id}', [PersonController::class, 'show']);

    Route::get('/activity-logs', [ActivityLogController::class, 'index']);
    // Person API endpoints - all CRUD operations protected by authentication
    Route::apiResource('persons', PersonController::class);
    
    // Custom route for finding a person by ID card number
    // Route::get('persons/id-card/{idCardNo}', [PersonController::class, 'findByIdCard'])->name('persons.findByIdCard');
});