<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\EventPublicController;

// API routes without CSRF protection for guest PWA (stateless)
Route::prefix('v1')->name('api.v1.')->group(function () {
    // GET routes (read-only)
    Route::get('/events/{slug}', [EventPublicController::class, 'event'])->name('events.show');
    Route::get('/events/{slug}/stats', [EventPublicController::class, 'stats'])->name('events.stats');
    Route::get('/events/{slug}/emotions', [EventPublicController::class, 'emotions'])->name('events.emotions');
    Route::get('/events/{slug}/tasks', [EventPublicController::class, 'tasks'])->name('events.tasks');
    Route::get('/events/{slug}/photos', [EventPublicController::class, 'photos'])->name('events.photos');
    Route::get('/photos/{id}', [EventPublicController::class, 'photo'])->name('photos.show');
    
    // POST routes without CSRF (guest PWA, stateless)
    Route::post('/photos/{id}/like', [EventPublicController::class, 'like'])->name('photos.like');
    Route::post('/events/{slug}/upload', [EventPublicController::class, 'upload'])->name('events.upload');
});