mod handlers;
mod mail;

use axum::{routing::get, Router};
use std::net::SocketAddr;
use std::sync::Arc;
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
use sqlx::PgPool;
use mail::Mailer;

#[derive(Clone)]
pub struct AppState {
    pub pool:  PgPool,
    pub mail:  Arc<Mailer>,
    pub redis: cache::RedisPool,
}

#[tokio::main]
async fn main() {
    tracing_subscriber::registry()
        .with(tracing_subscriber::EnvFilter::new(
            std::env::var("RUST_LOG").unwrap_or_else(|_| "info".into()),
        ))
        .with(tracing_subscriber::fmt::layer())
        .init();

    tracing::info!("Starting Employees service - Strict Internal Separation");

    // Fail fast — critical env vars must be present before binding any port
    std::env::var("JWT_SECRET").expect("JWT_SECRET must be set");

    let database_url =
        std::env::var("DATABASE_URL").expect("DATABASE_URL must be set");

    let pool = db::establish_connection(&database_url)
        .await
        .expect("Failed to connect to the database");

    tracing::info!("Connected to the database");

    let redis_url = std::env::var("REDIS_URL")
        .unwrap_or_else(|_| "redis://127.0.0.1:6379".to_string());
    let redis = cache::connect(&redis_url)
        .await
        .expect("Failed to connect to Redis");
    tracing::info!("Connected to Redis");

    let mailer = Arc::new(Mailer::new());

    let state = AppState {
        pool,
        mail:  mailer,
        redis,
    };

    let app = Router::new()
        // ── Auth (Internal Only) ─────────────────────────────────────────
        .nest("/api/admin/auth", handlers::auth::router())
        
        // ── HR Management (Internal Staff) ──────────────────────────────
        .nest("/api/admin/departments", handlers::departments::router())
        .nest("/api/admin/designations", handlers::designations::router())
        .nest("/api/admin/employees", handlers::employees::router())
        
        .route("/health", get(|| async { "Employees OK" }))
        .with_state(state);

    let port: u16 = std::env::var("PORT")
        .unwrap_or_else(|_| "9106".to_string())
        .parse()
        .expect("PORT must be a valid u16");
    let addr = SocketAddr::from(([0, 0, 0, 0], port));

    tracing::info!("Employees service listening on {}", addr);

    let listener = tokio::net::TcpListener::bind(&addr).await.unwrap();
    axum::serve(listener, app).await.unwrap();
}