<?php

use App\Http\Controllers\PokerController;
use App\Http\Controllers\FileLinkController;
use Illuminate\Support\Facades\Route;

Route::get('/', function () {
    return view('welcome');
});

Route::get('/files', [FileLinkController::class, 'index'])->name('files.index');
Route::post('/files', [FileLinkController::class, 'uploadWeb'])->name('files.upload');
Route::get('/files/download/{path}', [FileLinkController::class, 'download'])
    ->where('path', '.*')
    ->middleware('signed')
    ->name('files.download');

// Публичные маршруты
Route::get('/s/{token}', [PokerController::class, 'showForm'])->name('vote.form');
Route::post('/s/{token}', [PokerController::class, 'submitVote']);
Route::get('/thanks', [PokerController::class, 'thanks'])->name('vote.thanks');

// Админка с базовой аутентификацией
Route::prefix('admin')->group(function () {
    Route::match(['get', 'post'], '/login', function () {
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            if ($_SERVER['PHP_AUTH_USER'] === env('ADMIN_USER') &&
                $_SERVER['PHP_AUTH_PW'] === env('ADMIN_PASS')) {
                session(['admin_logged_in' => true]);
                return redirect('/admin/sessions');
            }
        }
        header('WWW-Authenticate: Basic realm="Admin Login"');
        abort(401);
    });

    Route::middleware([\App\Http\Middleware\EnsureAdminAuthenticated::class])->group(function () {
        Route::get('/sessions/create', [PokerController::class, 'createEstimationRoundForm'])->name('admin.session.create');
        Route::post('/sessions', [PokerController::class, 'createEstimationRound'])->name('admin.sessions.store');
        Route::get('/sessions', [PokerController::class, 'listEstimationRounds'])->name('admin.sessions');
        Route::get('/sessions/{id}', [PokerController::class, 'showEstimationRound']);
    });
});