import express from "express";
import { auth } from "../middleware/auth.js";
import { uploadLimiter } from "../middleware/rateLimit.js";
import { securityAudit } from "../utils/securityAudit.js";

const r = express.Router();

r.post("/init", auth, uploadLimiter, (req, res) => {
  if (req.body.size > 100 * 1024 * 1024) return res.sendStatus(413);
  res.json({ uploadId: Date.now().toString() });
});

r.post("/complete", auth, async (req, res) => {
  await securityAudit(req, { action: "UPLOAD_COMPLETE", severity: "info" });
  res.json({ ok: true });
});

export default r;