"""
Auth domain URL Configuration for ThrillWiki API v1.

This module contains URL patterns for core authentication functionality only.
User profiles and top lists are handled by the dedicated accounts app.
"""

from django.urls import include, path
from rest_framework_simplejwt.views import TokenRefreshView

from . import mfa as mfa_views
from .views import (
    AuthStatusAPIView,
    # Social provider management views
    AvailableProvidersAPIView,
    ConnectedProvidersAPIView,
    ConnectProviderAPIView,
    CurrentUserAPIView,
    DisconnectProviderAPIView,
    # Email verification views
    EmailVerificationAPIView,
    # Main auth views
    LoginAPIView,
    LogoutAPIView,
    PasswordChangeAPIView,
    PasswordResetAPIView,
    ResendVerificationAPIView,
    SignupAPIView,
    SocialAuthStatusAPIView,
    SocialProvidersAPIView,
)

urlpatterns = [
    # Core authentication endpoints
    path("login/", LoginAPIView.as_view(), name="auth-login"),
    path("signup/", SignupAPIView.as_view(), name="auth-signup"),
    path("logout/", LogoutAPIView.as_view(), name="auth-logout"),
    path("user/", CurrentUserAPIView.as_view(), name="auth-current-user"),

    # JWT token management
    path("token/refresh/", TokenRefreshView.as_view(), name="auth-token-refresh"),

    # Social authentication endpoints (dj-rest-auth)
    path("social/", include("dj_rest_auth.registration.urls")),

    path(
        "password/reset/",
        PasswordResetAPIView.as_view(),
        name="auth-password-reset",
    ),
    path(
        "password/change/",
        PasswordChangeAPIView.as_view(),
        name="auth-password-change",
    ),
    path(
        "social/providers/",
        SocialProvidersAPIView.as_view(),
        name="auth-social-providers",
    ),

    # Social provider management endpoints
    path(
        "social/providers/available/",
        AvailableProvidersAPIView.as_view(),
        name="auth-social-providers-available",
    ),
    path(
        "social/connected/",
        ConnectedProvidersAPIView.as_view(),
        name="auth-social-connected",
    ),
    path(
        "social/connect/<str:provider>/",
        ConnectProviderAPIView.as_view(),
        name="auth-social-connect",
    ),
    path(
        "social/disconnect/<str:provider>/",
        DisconnectProviderAPIView.as_view(),
        name="auth-social-disconnect",
    ),
    path(
        "social/status/",
        SocialAuthStatusAPIView.as_view(),
        name="auth-social-status",
    ),

    path("status/", AuthStatusAPIView.as_view(), name="auth-status"),

    # Email verification endpoints
    path(
        "verify-email/<str:token>/",
        EmailVerificationAPIView.as_view(),
        name="auth-verify-email",
    ),
    path(
        "resend-verification/",
        ResendVerificationAPIView.as_view(),
        name="auth-resend-verification",
    ),

    # MFA (Multi-Factor Authentication) endpoints
    path("mfa/status/", mfa_views.get_mfa_status, name="auth-mfa-status"),
    path("mfa/totp/setup/", mfa_views.setup_totp, name="auth-mfa-totp-setup"),
    path("mfa/totp/activate/", mfa_views.activate_totp, name="auth-mfa-totp-activate"),
    path("mfa/totp/deactivate/", mfa_views.deactivate_totp, name="auth-mfa-totp-deactivate"),
    path("mfa/totp/verify/", mfa_views.verify_totp, name="auth-mfa-totp-verify"),
    path("mfa/recovery-codes/regenerate/", mfa_views.regenerate_recovery_codes, name="auth-mfa-recovery-regenerate"),
]

# Note: User profiles and top lists functionality is now handled by the accounts app
# to maintain clean separation of concerns and avoid duplicate API endpoints.