const express = require('express');
const router = express.Router();
const locationsController = require('../controllers/locationsController');
const { strictLimiter } = require('../middleware/rateLimiter');
const { requireAuth } = require('../middleware/auth');

// Get all locations (public)
router.get('/', locationsController.getAll);

// Get single location (public)
router.get('/:id', locationsController.getById);

// Create location (requires authentication)
router.post('/', requireAuth, strictLimiter, locationsController.create);

// Update location (requires authentication)
router.put('/:id', requireAuth, strictLimiter, locationsController.update);

// Delete location (requires authentication)
router.delete('/:id', requireAuth, strictLimiter, locationsController.delete);

module.exports = router;