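const config = require('../config');
const database = require('../database');

/**
 * Fastify preHandler that gates a route behind the signed `kitchen_session` cookie.
 *
 * The request passes only when all of the following hold:
 *   1. the cookie is present,
 *   2. `req.unsignCookie` reports a valid signature,
 *   3. a token is stored under `authToken` in config,
 *   4. `apiClient.isTokenExpired(tokenExpiry)` is falsy,
 *   5. the unsigned cookie value equals the stored token.
 * Any failure redirects to `/login` (fail closed).
 *
 * NOTE(review): the cookie payload is compared directly with `authToken`, so the
 * cookie carries the token itself. Cookie signing normally protects integrity,
 * not confidentiality. Confirm where the cookie is issued (not visible here)
 * that it is set HttpOnly/Secure and that exposing the token to the browser is
 * intended.
 *
 * @param {object} req - Fastify request; expects the cookie plugin's `cookies` and `unsignCookie`.
 * @param {object} reply - Fastify reply.
 * @returns {Promise<object|undefined>} `reply` when a redirect was issued, otherwise undefined.
 */
async function requireAuth(req, reply) {
  const raw = req.cookies && req.cookies.kitchen_session;
  if (!raw) {
    reply.redirect('/login');
    // Returning `reply` from an async hook tells Fastify the response has been
    // handled, so the route handler is not run after the redirect.
    return reply;
  }

  const { valid, value } = req.unsignCookie(raw);
  if (!valid) {
    reply.redirect('/login');
    return reply;
  }

  const token = config.get('authToken');
  const expiry = config.get('tokenExpiry');
  // Loaded lazily, as in the original. NOTE(review): presumably to avoid a
  // circular import at module load. Confirm before hoisting.
  const apiClient = require('../api-client');

  // Order matters: a missing token short-circuits before the expiry check and
  // the comparison, so an unset `authToken` can never match a cookie value.
  if (!token || apiClient.isTokenExpired(expiry) || value !== token) {
    reply.redirect('/login');
    return reply;
  }
}

/**
 * Fastify plugin that registers the authenticated dashboard route.
 *
 * @param {object} fastify - Fastify instance to register routes on.
 * @param {object} options - Plugin options (unused here).
 */
async function dashboardRoutes(fastify, options) {
  // Dashboard page, reachable only after requireAuth lets the request through.
  fastify.get('/dashboard', { preHandler: requireAuth }, async (req, reply) => {
    // NOTE(review): the full config object is handed to the template. requireAuth
    // reads `authToken` from the same config module, so the token is presumably
    // part of this object. Confirm the 'dashboard' view never renders it, or pass
    // only the keys the view needs.
    const appConfig = config.getAll();
    const stats = database.getOrderStats();

    return reply.view('dashboard', {
      config: appConfig,
      stats,
      // Stats are hidden only when the setting is the string 'false'.
      // NOTE(review): a boolean `false` would still show stats. Confirm config
      // values are always stored as strings.
      showStats: appConfig.showOrderStats !== 'false',
    });
  });
}

module.exports = dashboardRoutes;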