from fastapi import FastAPI, Depends
from fastapi.middleware.cors import CORSMiddleware
from app.core.security import get_current_user
from app.routes import auth, companies, employees, salary, loans, benefits, payroll, portfolio
from app.routes import portfolio_files

app = FastAPI(
    title="Persona API",
    version="1.0.0",
    description="Personal management system",
)

app.add_middleware(
    CORSMiddleware,
    allow_origins=["http://localhost:8003"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

# Public routes
app.include_router(auth.router)
app.include_router(portfolio_files.router)  # file serving — no JWT, UUID filenames provide security

# Protected routes (require JWT Bearer token)
app.include_router(companies.router, dependencies=[Depends(get_current_user)])
app.include_router(employees.router, dependencies=[Depends(get_current_user)])
app.include_router(salary.router, dependencies=[Depends(get_current_user)])
app.include_router(loans.router, dependencies=[Depends(get_current_user)])
app.include_router(benefits.router, dependencies=[Depends(get_current_user)])
app.include_router(payroll.router, dependencies=[Depends(get_current_user)])
app.include_router(portfolio.router, dependencies=[Depends(get_current_user)])


@app.get("/")
def root():
    return {"message": "Persona Payroll API", "port": 8002}


@app.get("/api/health")
def health():
    return {"status": "ok"}