spotlightcam/backend/src/routes/auth.js

const express = require('express');
const {
  register,
  login,
  verifyEmailByToken,
  verifyEmailByCode,
  resendVerification,
  requestPasswordReset,
  resetPassword
} = require('../controllers/auth');
const { registerValidation, loginValidation } = require('../middleware/validators');

const router = express.Router();

// POST /api/auth/register - Register new user
router.post('/register', registerValidation, register);

// POST /api/auth/login - Login user
router.post('/login', loginValidation, login);

// GET /api/auth/verify-email?token=xxx - Verify email by token (link)
router.get('/verify-email', verifyEmailByToken);

// POST /api/auth/verify-code - Verify email by code (PIN)
router.post('/verify-code', verifyEmailByCode);

// POST /api/auth/resend-verification - Resend verification email
router.post('/resend-verification', resendVerification);

// POST /api/auth/request-password-reset - Request password reset
router.post('/request-password-reset', requestPasswordReset);

// POST /api/auth/reset-password - Reset password with token
router.post('/reset-password', resetPassword);

module.exports = router;