import express from 'express';
import { syncUser, getCurrentUser, getAllUsers, updateUserRole, toggleBanUser, heartbeat, getActiveUsers, deleteUser } from '../controllers/userController.js';
import { extractUser, requireAdmin } from '../middleware/authMiddleware.js';

const router = express.Router();

// Sync user from Clerk (public - called on login)
router.post('/sync', syncUser);

// Get current user (requires extractUser middleware)
router.get('/me', extractUser, getCurrentUser);

// Heartbeat & Presence
router.post('/heartbeat', extractUser, heartbeat);
router.get('/active', extractUser, getActiveUsers);

// Admin-only routes
router.get('/', extractUser, requireAdmin, getAllUsers);
router.patch('/:id/role', extractUser, requireAdmin, updateUserRole);
router.patch('/:id/ban', extractUser, requireAdmin, toggleBanUser);
router.delete('/:id', extractUser, requireAdmin, deleteUser);

export default router;