simpleshop_theme/lib/simpleshop_theme_web/router.ex

defmodule SimpleshopThemeWeb.Router do
  use SimpleshopThemeWeb, :router

  import SimpleshopThemeWeb.UserAuth

  pipeline :browser do
    plug :accepts, ["html"]
    plug :fetch_session
    plug :fetch_live_flash
    plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
    plug :fetch_current_scope_for_user
  end

  pipeline :api do
    plug :accepts, ["json"]
  end

  pipeline :shop do
    plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :shop_root}
    plug SimpleshopThemeWeb.Plugs.LoadTheme
  end

  # Public storefront (root level)
  scope "/", SimpleshopThemeWeb do
    pipe_through [:browser, :shop]

    live_session :public_shop, layout: {SimpleshopThemeWeb.Layouts, :shop} do
      live "/", ShopLive.Home, :index
      live "/about", ShopLive.About, :index
      live "/contact", ShopLive.Contact, :index
      live "/collections/:slug", ShopLive.Collection, :show
      live "/products/:id", ShopLive.ProductShow, :show
      live "/cart", ShopLive.Cart, :index
    end
  end

  # Image serving routes (public, no auth required)
  scope "/images", SimpleshopThemeWeb do
    pipe_through :browser

    get "/:id", ImageController, :show
    get "/:id/thumbnail", ImageController, :thumbnail
    get "/:id/variant/:width", ImageController, :variant
    get "/:id/recolored/:color", ImageController, :recolored_svg
  end

  # Other scopes may use custom stacks.
  # scope "/api", SimpleshopThemeWeb do
  #   pipe_through :api
  # end

  # Enable LiveDashboard and Swoosh mailbox preview in development
  if Application.compile_env(:simpleshop_theme, :dev_routes) do
    # If you want to use the LiveDashboard in production, you should put
    # it behind authentication and allow only admins to access it.
    # If your application does not have an admins-only section yet,
    # you can use Plug.BasicAuth to set up some basic authentication
    # as long as you are also using SSL (which you should anyway).
    import Phoenix.LiveDashboard.Router

    scope "/dev" do
      pipe_through :browser

      live_dashboard "/dashboard", metrics: SimpleshopThemeWeb.Telemetry
      forward "/mailbox", Plug.Swoosh.MailboxPreview

      # Preview error pages
      get "/errors/404", SimpleshopThemeWeb.ErrorPreviewController, :not_found
      get "/errors/500", SimpleshopThemeWeb.ErrorPreviewController, :server_error
    end
  end

  ## Authentication routes

  # /admin redirects to theme editor (requires auth, will redirect to login if needed)
  scope "/admin", SimpleshopThemeWeb do
    pipe_through [:browser, :require_authenticated_user]

    get "/", AdminController, :index
  end

  scope "/", SimpleshopThemeWeb do
    pipe_through [:browser, :require_authenticated_user]

    live_session :require_authenticated_user,
      on_mount: [{SimpleshopThemeWeb.UserAuth, :require_authenticated}] do
      live "/users/settings", UserLive.Settings, :edit
      live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email
      live "/admin/theme", ThemeLive.Index, :index
    end

    post "/users/update-password", UserSessionController, :update_password
  end

  scope "/", SimpleshopThemeWeb do
    pipe_through [:browser]

    live_session :current_user,
      on_mount: [{SimpleshopThemeWeb.UserAuth, :mount_current_scope}] do
      live "/users/register", UserLive.Registration, :new
      live "/users/log-in", UserLive.Login, :new
      live "/users/log-in/:token", UserLive.Confirmation, :new
    end

    post "/users/log-in", UserSessionController, :create
    delete "/users/log-out", UserSessionController, :delete
  end
end