"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.createRouter = createRouter;
/**
 * ABE API Router — registers all module routes.
 */
const express_1 = require("express");
const CrawlingController_1 = require("../modules/crawling/infrastructure/http/CrawlingController");
const FindingsController_1 = require("../modules/findings/infrastructure/http/FindingsController");
const FuzzingController_1 = require("../modules/fuzzing/infrastructure/http/FuzzingController");
const ReportingController_1 = require("../modules/reporting/infrastructure/http/ReportingController");
const IntegrationsController_1 = require("../modules/integrations/infrastructure/http/IntegrationsController");
const SchedulingController_1 = require("../modules/scheduling/infrastructure/http/SchedulingController");
const VisualRegressionController_1 = require("../modules/visual-regression/infrastructure/http/VisualRegressionController");
const LicensingController_1 = require("../modules/licensing/infrastructure/http/LicensingController");
const FeatureGateMiddleware_1 = require("../modules/licensing/infrastructure/middleware/FeatureGateMiddleware");
const AuthController_1 = require("../modules/auth/infrastructure/http/AuthController");
const AuthMiddleware_1 = require("../modules/auth/application/middleware/AuthMiddleware");
const SSOController_1 = require("../modules/sso/infrastructure/http/SSOController");
const AuditController_1 = require("../modules/audit/infrastructure/http/AuditController");
const branding_1 = require("./branding");
function createRouter(deps) {
    const router = (0, express_1.Router)();
    const { authDeps, licenseService } = deps;
    // Auth routes — public (no auth middleware)
    router.use('/auth', (0, AuthController_1.createAuthController)(authDeps.registerCommand, authDeps.loginCommand, authDeps.createOrgCommand, authDeps.inviteMemberCommand, authDeps.createApiKeyCommand, authDeps.getUserQuery, authDeps.listOrgMembersQuery, authDeps.sessionRepository, authDeps.apiKeyRepository, authDeps.userRepository));
    // Apply auth middleware to all routes below
    const authMiddleware = (0, AuthMiddleware_1.createAuthMiddleware)(authDeps.userRepository, authDeps.sessionRepository, authDeps.apiKeyRepository);
    router.use(authMiddleware);
    router.use('/sessions', (0, CrawlingController_1.createCrawlingRouter)(deps.crawlingDeps));
    router.use('/findings', (0, FindingsController_1.createFindingsRouter)(deps.findingsDeps));
    router.use('/fuzz', (0, FuzzingController_1.createFuzzingRouter)(deps.fuzzingDeps));
    router.use('/reports', (0, FeatureGateMiddleware_1.requireFeature)(licenseService, 'reports:basic'), (0, ReportingController_1.createReportingRouter)(deps.reportingDeps));
    router.use('/integrations', (0, FeatureGateMiddleware_1.requireFeature)(licenseService, 'integrations:webhook'), (0, IntegrationsController_1.createIntegrationsRouter)(deps.integrationsDeps));
    router.use('/schedules', (0, SchedulingController_1.createSchedulingRouter)(deps.schedulingDeps));
    router.use('/visual', (0, VisualRegressionController_1.createVisualRegressionRouter)(deps.visualRegressionDeps));
    // Licensing routes (public-ish — only status and activate, no sensitive data)
    const licensingController = new LicensingController_1.LicensingController(licenseService);
    router.use('/license', licensingController.router);
    // Enterprise: SSO + MFA (feature-gated)
    router.use('/sso', (0, FeatureGateMiddleware_1.requireFeature)(licenseService, 'auth:sso'), (0, SSOController_1.createSSORouter)(deps.ssoDeps));
    // Enterprise: Audit logs (feature-gated)
    router.use('/audit', (0, FeatureGateMiddleware_1.requireFeature)(licenseService, 'audit:logs'), (0, AuditController_1.createAuditRouter)(deps.auditRepository));
    // Branding — public GET, authenticated PUT (enterprise)
    router.use('/branding', (0, branding_1.createBrandingRouter)(deps.db));
    return router;
}