const express = require("express");
const router = express.Router();
const controller = require("../controllers/households.controller");
const auth = require("../middleware/auth");
const {
  householdAccess,
  requireHouseholdAdmin,
} = require("../middleware/household");

// Public routes (authenticated only)
router.get("/", auth, controller.getUserHouseholds);
router.post("/", auth, controller.createHousehold);
router.post("/join/:inviteCode", auth, controller.joinHousehold);

// Household-scoped routes (member access required)
router.get("/:householdId", auth, householdAccess, controller.getHousehold);
router.patch(
  "/:householdId",
  auth,
  householdAccess,
  requireHouseholdAdmin,
  controller.updateHousehold
);
router.delete(
  "/:householdId",
  auth,
  householdAccess,
  requireHouseholdAdmin,
  controller.deleteHousehold
);
router.post(
  "/:householdId/invite/refresh",
  auth,
  householdAccess,
  requireHouseholdAdmin,
  controller.refreshInviteCode
);

// Member management routes
router.get(
  "/:householdId/members",
  auth,
  householdAccess,
  controller.getMembers
);
router.patch(
  "/:householdId/members/:userId/role",
  auth,
  householdAccess,
  requireHouseholdAdmin,
  controller.updateMemberRole
);
router.delete(
  "/:householdId/members/:userId",
  auth,
  householdAccess,
  controller.removeMember
);

module.exports = router;