import { Router } from 'express';
import { mfaController } from './mfa.controller.js';
import { authenticate } from '../../shared/middleware/auth.middleware.js';

const router = Router();

// All MFA routes require authentication
router.use(authenticate);

// Setup
router.post('/setup', (req, res, next) => mfaController.setup(req, res, next));
router.post('/verify-setup', (req, res, next) => mfaController.verifySetup(req, res, next));

// Management
router.get('/status', (req, res, next) => mfaController.getStatus(req, res, next));
router.post('/disable', (req, res, next) => mfaController.disable(req, res, next));
router.post('/regenerate-codes', (req, res, next) => mfaController.regenerateBackupCodes(req, res, next));

export default router;