// routes/viewRoutes.js
// Handles serving the HTML pages

const express = require('express');
const path = require('path');
// authenticateToken wird hier für '/' nicht mehr benötigt
// const authenticateToken = require('../middleware/authMiddleware');
const jwt = require('jsonwebtoken');
require('dotenv').config();

const router = express.Router();
const JWT_SECRET = process.env.JWT_SECRET;

// Helper function to check if a user is already logged in (valid token exists)
// Wird für /login und /register verwendet, um eingeloggte User zur Hauptseite umzuleiten
const checkAlreadyLoggedIn = (req, res, next) => {
    const token = req.cookies.token;
    if (token) {
        jwt.verify(token, JWT_SECRET, (err, user) => {
            if (!err && user) {
                // If token is valid, redirect logged-in users away from login/register pages
                return res.redirect('/');
            }
             // If token is invalid, clear it and proceed
            res.clearCookie('token');
            next();
        });
    } else {
        // No token, proceed
        next();
    }
};


// Serve the main todo app page (index.html) - KEINE Authentifizierung mehr hier
// Die Seite wird immer geladen. Das Frontend-JS prüft den Login-Status.
router.get('/', (req, res) => {
  res.sendFile(path.join(__dirname, '..', 'public', 'index.html'));
});

// Serve the login page - If already logged in, redirect to '/'
router.get('/login', checkAlreadyLoggedIn, (req, res) => {
  res.sendFile(path.join(__dirname, '..', 'public', 'login.html'));
});

// Serve the registration page - If already logged in, redirect to '/'
router.get('/register', checkAlreadyLoggedIn, (req, res) => {
  res.sendFile(path.join(__dirname, '..', 'public', 'register.html'));
});

module.exports = router;