const express = require('express');
const router = express.Router();
const stripeController = require('../controllers/stripeController');
const { authenticateJWT, authorizeRoles } = require('../middlewares/auth');

router.use(authenticateJWT, authorizeRoles('caregiver'));

router.post('/subscribe', stripeController.subscribe);
router.get('/invoices', stripeController.invoices);

// Webhook (no auth)
router.post('/webhook', express.raw({ type: 'application/json' }), stripeController.webhook);

module.exports = router;