const express = require('express'); const router = express.Router(); const { body, param, validationResult } = require('express-validator'); const representativesController = require('../controllers/representatives'); const emailsController = require('../controllers/emails'); const campaignsController = require('../controllers/campaigns'); const rateLimiter = require('../utils/rate-limiter'); const { requireAdmin } = require('../middleware/auth'); // Validation middleware const handleValidationErrors = (req, res, next) => { const errors = validationResult(req); if (!errors.isEmpty()) { return res.status(400).json({ errors: errors.array() }); } next(); }; // Test endpoints router.get('/health', (req, res) => { res.json({ status: 'ok', timestamp: new Date().toISOString() }); }); router.get('/test-represent', representativesController.testConnection); // Representatives endpoints router.get( '/representatives/by-postal/:postalCode', param('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'), handleValidationErrors, rateLimiter.general, representativesController.getByPostalCode ); router.post( '/representatives/refresh-postal/:postalCode', param('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'), handleValidationErrors, representativesController.refreshPostalCode ); // Email endpoints router.post( '/emails/send', rateLimiter.email, [ body('recipientEmail').isEmail().withMessage('Valid email is required'), body('senderName').notEmpty().withMessage('Sender name is required'), body('senderEmail').isEmail().withMessage('Valid sender email is required'), body('subject').notEmpty().withMessage('Subject is required'), body('message').notEmpty().withMessage('Message is required'), body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format') ], handleValidationErrors, emailsController.sendEmail ); // Campaign endpoints (Admin) - Protected router.get('/admin/campaigns', requireAdmin, rateLimiter.general, campaignsController.getAllCampaigns); router.get('/admin/campaigns/:id', requireAdmin, rateLimiter.general, campaignsController.getCampaignById); router.post( '/admin/campaigns', requireAdmin, rateLimiter.general, [ body('title').notEmpty().withMessage('Campaign title is required'), body('email_subject').notEmpty().withMessage('Email subject is required'), body('email_body').notEmpty().withMessage('Email body is required') ], handleValidationErrors, campaignsController.createCampaign ); router.put('/admin/campaigns/:id', requireAdmin, rateLimiter.general, campaignsController.updateCampaign); router.delete('/admin/campaigns/:id', requireAdmin, rateLimiter.general, campaignsController.deleteCampaign); router.get('/admin/campaigns/:id/analytics', requireAdmin, rateLimiter.general, campaignsController.getCampaignAnalytics); // Campaign endpoints (Public) router.get('/campaigns/:slug', rateLimiter.general, campaignsController.getCampaignBySlug); router.get('/campaigns/:slug/representatives/:postalCode', rateLimiter.representAPI, campaignsController.getRepresentativesForCampaign); router.post( '/campaigns/:slug/track-user', rateLimiter.general, [ body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format') ], handleValidationErrors, campaignsController.trackUserInfo ); router.post( '/campaigns/:slug/send-email', rateLimiter.email, [ body('recipientEmail').isEmail().withMessage('Valid recipient email is required'), body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'), body('emailMethod').isIn(['smtp', 'mailto']).withMessage('Email method must be smtp or mailto') ], handleValidationErrors, campaignsController.sendCampaignEmail ); module.exports = router;