<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "api" middleware group. Make something great!
|
*/

Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
    return $request->user();
});

// Geschützte API-Routen
Route::middleware('auth:sanctum')->group(function () {
    // Beispiel-API-Route
    Route::get('/profile', function (Request $request) {
        return response()->json([
            'user' => $request->user(),
            'message' => 'Profil erfolgreich abgerufen',
        ]);
    });

    // Token-Erstellung (bereits durch Sanctum bereitgestellt)
    // POST /api/tokens/create
    // POST /api/tokens/revoke
});

// Öffentliche API-Routen
Route::post('/login', function (Request $request) {
    $credentials = $request->validate([
        'email' => 'required|email',
        'password' => 'required',
    ]);

    if (Auth::attempt($credentials)) {
        $user = Auth::user();
        $token = $user->createToken('api-token')->plainTextToken;

        return response()->json([
            'token' => $token,
            'user' => $user,
            'message' => 'Erfolgreich angemeldet',
        ]);
    }

    return response()->json([
        'message' => 'Ungültige Anmeldedaten',
    ], 401);
});